authentik

mirror of https://github.com/goauthentik/authentik synced 2026-04-27 01:55:08 +02:00

Author	SHA1	Message	Date
Jens L.	d5ee53feb2	providers/ldap: inherit adjustable page size for LDAP searchers (#21377 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2026-04-04 22:42:35 +02:00
Marc 'risson' Schmitt	4dfdf9afa3	root: allow listening on multiple IPs (#20930 )	2026-03-19 15:46:47 +00:00
Jens L.	849c37806d	internal: make http timeouts configurable (#20472 ) * internal: make http timeouts configurable Signed-off-by: Jens Langhammer <jens@goauthentik.io> * Changed formatting to match the rest of the doc --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Dewi Roberts <dewi@goauthentik.io>	2026-02-25 14:21:13 +01:00
dependabot[bot]	122cee049a	core: bump library/golang from 1.25.5-trixie to 1.26.0-trixie in /lifecycle/container (#20381 ) * core: bump library/golang in /lifecycle/container Bumps library/golang from 1.25.5-trixie to 1.26.0-trixie. --- updated-dependencies: - dependency-name: library/golang dependency-version: 1.26.0-trixie dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * bump & fix Signed-off-by: Jens Langhammer <jens@goauthentik.io> * bump docs too Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2026-02-19 12:35:00 +00:00
Jens L.	03e16b3a14	root: make logged HTTP headers configurable (#19716 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2026-01-26 14:31:54 +01:00
Dominic R	a479c79b34	internal/outpost: improve PostgreSQL connection options parsing (#19118 ) * internal: Outpost's conn options should be base64 json * correctly parse target_session_attrs + tests * fix port handling to use env provided port * add multiple port handling abilities to mirror the python config parser --------- Co-authored-by: Duncan Tasker <tasatree@gmail.com>	2026-01-13 10:52:28 -05:00
Marc 'risson' Schmitt	c30d1a478d	files: rework (#17535 ) Co-authored-by: Dominic R <dominic@sdko.org> Co-authored-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Tana M Berry <tana@goauthentik.io>	2025-12-02 18:01:51 +01:00
Dominic R	795a025af9	outpost/proxyv2: postgresstore: db/pool/misc cleanup and enhancement (#17511 ) * wip * Update internal/outpost/proxyv2/application/session_postgres_test.go Signed-off-by: Dominic R <dominic@sdko.org> * Update refresh.go Co-authored-by: Jens L. <jens@goauthentik.io> Signed-off-by: Dominic R <dominic@sdko.org> --------- Signed-off-by: Dominic R <dominic@sdko.org> Co-authored-by: Jens L. <jens@goauthentik.io>	2025-10-20 16:25:13 +02:00
Dominic R	06bfcf04e3	outpost/proxyv2: postgresstore: credential refresh (#17414 ) * outpost/proxyv2: postgresstore: credential refresh * wip * mabye * mabye fix	2025-10-15 15:22:27 +02:00
Dominic R	6dde8bdd4a	outpost: proxyv2: Use Postgres for the Embedded Outpost (#16628 ) * wip Co-authored-by: Jens Langhammer <jens@goauthentik.io> Signed-off-by: Jens Langhammer <jens@goauthentik.io> Signed-off-by: Dominic R <dominic@sdko.org> * remove testing files * a * wip * pls * pls2 * a * Update authentik/providers/proxy/models.py Co-authored-by: Jens L. <jens@beryju.org> Signed-off-by: Dominic R <dominic@sdko.org> * makemigrations * pls * pls1000 * dont migrate in go Signed-off-by: Jens Langhammer <jens@goauthentik.io> * set uuid Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix more test cases Signed-off-by: Jens Langhammer <jens@goauthentik.io> * better logging Signed-off-by: Jens Langhammer <jens@goauthentik.io> * set gorm nowfunc (gorm defaults to local time) Signed-off-by: Jens Langhammer <jens@goauthentik.io> * improve test db closing Signed-off-by: Jens Langhammer <jens@goauthentik.io> * move expiration to field Signed-off-by: Jens Langhammer <jens@goauthentik.io> * dont' manually set table Signed-off-by: Jens Langhammer <jens@goauthentik.io> * refactor tests more Signed-off-by: Jens Langhammer <jens@goauthentik.io> * more refactor Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix em Signed-off-by: Jens Langhammer <jens@goauthentik.io> * postgres cleanup is done by worker Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update expiry and set expiring Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Signed-off-by: Dominic R <dominic@sdko.org> Co-authored-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens L. <jens@beryju.org>	2025-10-09 16:59:15 +02:00
Marc 'risson' Schmitt	e2040dc3ad	lib/config: fix listen settings (#17005 )	2025-09-25 15:31:17 +00:00
dependabot[bot]	84b5992e55	ci: bump golangci/golangci-lint-action from 6 to 7 (#13661 ) * ci: bump golangci/golangci-lint-action from 6 to 7 Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) from 6 to 7. - [Release notes](https://github.com/golangci/golangci-lint-action/releases) - [Commits](https://github.com/golangci/golangci-lint-action/compare/v6...v7) --- updated-dependencies: - dependency-name: golangci/golangci-lint-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * fix lint Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix v2 Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix v3 Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2025-03-26 18:03:20 +01:00
Andrea Scarpino	94eff50306	root: redis, make sure tlscacert isn't an empty string (#12407 ) * root: redis, make sure tlscacert isn't an empty string * make TLSCaCert a string instead of pointer Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2025-01-13 20:14:26 +01:00
Jens L.	5e72ec9c0c	root: support running authentik in subpath (#8675 ) * initial subpath support Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make outpost compatible Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix static files somewhat Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix web interface Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix most static stuff Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix most web links Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix websocket Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix URL for static files Signed-off-by: Jens Langhammer <jens@goauthentik.io> * format web Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add root redirect for subpath Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> * set cookie path Signed-off-by: Jens Langhammer <jens@goauthentik.io> * Update internal/config/struct.go Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> Signed-off-by: Jens L. <jens@beryju.org> * fix sfe Signed-off-by: Jens Langhammer <jens@goauthentik.io> * bump required version Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix flow background Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix lint and some more links Signed-off-by: Jens Langhammer <jens@goauthentik.io> * format Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix impersonate Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Signed-off-by: Jens L. <jens@beryju.org> Signed-off-by: Jens L. <jens@goauthentik.io> Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>	2024-11-26 15:38:23 +01:00
Jens L	a742331484	root: make redis settings more consistent (#9335 ) * make redis settings more consistent Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add support to go Signed-off-by: Jens Langhammer <jens@goauthentik.io> * rewrite url Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix redis connect in wait_for_db Signed-off-by: Jens Langhammer <jens@goauthentik.io> * censor password when logging error Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> * reword docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add redis url generation helper Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2024-04-18 16:49:41 +02:00
Marc 'risson' Schmitt	05fb11b1f0	website/docs: s3: fix environment variables (#8722 )	2024-02-28 12:27:19 +01:00
Marc 'risson' Schmitt	abc0c2d2a2	root: Multi-tenancy (#7590 ) * tenants -> brands, init new tenant model, migrate some config to tenants Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * setup logging for tenants Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * configure celery and cache Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * small fixes, runs Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * task fixes, creation of tenant now works by cloning a template schema, some other small stuff Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * lint Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * fix-tests Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * upstream fixes Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * fix-pylint Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * lint Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * fix tests Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * fix avatar tests Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * migrate config reputation_expiry as well Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * fix web rebase Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * lint Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * fix migrations for template schema Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * fix migrations for template schema Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * fix migrations for template schema 3 Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * revert reputation expiry migration Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * fix type Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * fix some more tests Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * website: tenants -> brands Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * try fixing e2e tests Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * start frontend :help: Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * add ability to disable tenants api Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * delete embedded outpost if it is disabled Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * make sure embedded outpost is disabled when tenants are enabled Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * management commands: add --schema option where relevant Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * store files per-tenant Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * fix embedded outpost deletion Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * lint Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * fix files migration Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * add tenant api tests Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * add domain tests Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * add settings tests Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * make --schema-name default to public in mgmt commands Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * lint Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * sources/ldap: make sure lock is per-tenant Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * fix stuff I broke Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * fix remaining failing tests Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * lint Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * try fixing e2e tests Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * much better frontend, but save does not refresh form properly Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * update django-tenants with latest fixes Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * lint Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * i18n-extract Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * review comments Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * move event_retention from brands to tenants Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * wip Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * root: add support for storing media files in S3 Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * use permissions for settings api Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * lint Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * blueprints: disable tenants management Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * fix tests Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * fix embedded outpost create/delete logic Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * make gen Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * make sure prometheus metrics are correctly served Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * makefile: don't delete the go api client when not regenerating it Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * tenants api: add recovery group and token creation endpoints Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * fix startup Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * fix prometheus metrics Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * fix tests Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * lint Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * fix web stuff Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix migrations from stable Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * fix oauth source type import Signed-off-by: Jens Langhammer <jens@goauthentik.io> * Revert "fix oauth source type import" This reverts commit `d015fd0244`. * try with setting_changed signal Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * try with connection_created signal Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * fix scim tests Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * fix web after merge Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * fix enterprise settings Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * Revert "try with connection_created signal" This reverts commit `764a999db8`. * Revert "try with setting_changed signal" This reverts commit `32b40a3bbb`. * lib/expression: refactor expression compilation Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * fix django version Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * fix web after merge Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * relock poetry Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * fix reconcile Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * try running tenant save in a transaction Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * black Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * test: export postgres logs for debugging and use failfast Signed-off-by: Jens Langhammer <jens@goauthentik.io> * test: fix container name for logs Signed-off-by: Jens Langhammer <jens@goauthentik.io> * do not copy tenant data Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * Revert "try running tenant save in a transaction" This reverts commit `da6dec5a61`. * Revert "do not copy tenant data" This reverts commit d07ae9423672f068b0bd8be409ff9b58452a80f2. * Revert "Revert "do not copy tenant data"" This reverts commit `4bffb19704`. * fix clone with nodata Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * why not Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * remove failfast Signed-off-by: Jens Langhammer <jens@goauthentik.io> * remove postgres query logging Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update reconcile logic to clearly differentiate between tenant and global Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * fix Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix reconcile app decorator Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * enable django checks Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * actually nodata was unnecessary as we're cloning from template and not from public Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * pylint Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * update django-tenants with sequence fix Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * actually update Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * fix e2e tests Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * add tests for settings api Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * add tests for recovery api Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * lint Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * recovery tests: do them on a new tenant Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * web: fix system status being degraded when embedded outpost is disabled Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * fix recovery tests Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * fix tenants tests Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * lint-fix Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * lint-fix Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * update UI Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add management command to create a tenant Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add docs Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * release notes Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * more docs Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * checklist Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * self review Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * spelling Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * make web after upgrading Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * remove extra xlif file Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * prettier Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * Revert "add management command to create a tenant" This reverts commit `39d13c0447`. * split api into smaller files, only import urls when tenants is enabled Signed-off-by: Jens Langhammer <jens@goauthentik.io> * rewite some things on the release notes Signed-off-by: Jens Langhammer <jens@goauthentik.io> * root: make sure install_id comes from public schema Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * require a license to use tenants Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * lint Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * fix tenants tests Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * fix files migration Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * release notes: add warning about user sessions being invalidated Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * remove api disabled test, we can't test for it Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> --------- Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2024-01-23 14:28:06 +01:00
Marc 'risson' Schmitt	b0e74d348a	root: fix listen trusted_proxy_cidrs config loading from environment (#8075 ) Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2024-01-10 22:39:27 +00:00
Jens L	729ef4d786	root: bump python deps (django 5) (#7862 ) * bump python deps Signed-off-by: Jens Langhammer <jens@goauthentik.io> * vendor pickle serializer for now Signed-off-by: Jens Langhammer <jens@goauthentik.io> #7761 * cleanup some things and re-build api scheme Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix web and go Signed-off-by: Jens Langhammer <jens@goauthentik.io> * actually fix go...? Signed-off-by: Jens Langhammer <jens@goauthentik.io> * better annotate json fields Signed-off-by: Jens Langhammer <jens@goauthentik.io> * use jsondictfield wherever Signed-off-by: Jens Langhammer <jens@goauthentik.io> * remove all virtualenvs? Signed-off-by: Jens Langhammer <jens@goauthentik.io> * ? Signed-off-by: Jens Langhammer <jens@goauthentik.io> * final version bump Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-12-18 22:07:59 +01:00
Philipp Kolberg	9db9ad3d66	root: Restructure broker / cache / channel / result configuration (#7097 ) * Initial commit * Remove any remaining mentions of Redis URL This is handled in https://github.com/goauthentik/authentik/pull/5395 * Allow setting broker transport options This enables usage of other brokers that require additional settings * Remove remaining reference to Redis URL This functionality is not part of this PR * Reset default TLS requirements to none * Fix linter errors * Move dict from base64 encoded json to config.py Additionally add tests * Replace ast.literal_eval with json.loads * Use default channel and cache backend configuration If more customization is desired users shall look at goauthentik.io/docs/installation/configuration#custom-python-settings * Send config deprecation notification to all superusers * Remove duplicate method * Add configuration explanation For channel layer settings * Use Event for deprecation warning * Fix remove duplicated method * Add missing comma * Update authentik/lib/config.py Signed-off-by: Jens L. <jens@beryju.org> * Fix Event deprecation handling --------- Signed-off-by: Jens L. <jens@beryju.org> Co-authored-by: Jens L <jens@beryju.org>	2023-11-10 15:44:37 +01:00
Jens L	9e29789c09	root: fix config loading for outposts (#6640 ) * root: fix config loading for outposts Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix error handling Signed-off-by: Jens Langhammer <jens@goauthentik.io> * improve check to see if outpost is embedded or not Signed-off-by: Jens Langhammer <jens@goauthentik.io> * also fix oauth url fetching Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-08-26 19:40:48 +02:00
Marc 'risson' Schmitt	599f7e7c88	root: config: remove redundant default configs Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>	2023-08-26 02:41:37 +02:00
Marc 'risson' Schmitt	e0a7d0b365	root: config: config discovery parity between go and python Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>	2023-08-26 02:41:37 +02:00
Jens L	d22d147c8e	security: fix CVE-2023-36456 (#6171 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-07-06 18:16:26 +02:00
Bardi Harborow	5c8f024d12	website: add documentation for AUTHENTIK_REDIS__TLS (#5349 ) * website: add documentation for AUTHENTIK_REDIS__TLS Signed-off-by: Bardi Harborow <bardi@bardiharborow.com> * add tls reqs Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Bardi Harborow <bardi@bardiharborow.com> Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2023-04-23 11:37:53 +03:00
Jens L	3f5effb1bc	providers/radius: simple radius outpost (#1796 ) * initial implementation Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens@goauthentik.io> * cleanup Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add migrations Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix web Signed-off-by: Jens Langhammer <jens@goauthentik.io> * minor fixes Signed-off-by: Jens Langhammer <jens@goauthentik.io> * use search-select Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update locale Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fixup Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix ip with port being sent to delegated ip Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add radius tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-03-20 16:54:35 +01:00
Jens Langhammer	9f431396c0	providers/proxy: ensure issuer is correct when browser url override is set Signed-off-by: Jens Langhammer <jens@goauthentik.io> #4715	2023-02-19 17:35:29 +01:00
[information redacted]	d4dce5b250	root: fix config load order to include /etc/authentik/config.yml (#4669 )	2023-02-12 23:52:13 +01:00
Jens Langhammer	a1be924fa4	*: strip leading and trailing whitespace when reading config values from files also add a debug endpoint that dumps the go parsed config Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-01-09 15:29:22 +01:00
Jens Langhammer	a9680d6088	internal: fix race condition with config loading on startup, add index on debug server Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-01-08 20:33:04 +01:00
Jens Langhammer	7eb6320d74	outposts: use common config loader for outposts to support loading values from file closes #4383 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2023-01-08 14:19:16 +01:00
Jens Langhammer	b6b72e389d	internal: dont error if environment config isn't found Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-12-12 10:38:38 +00:00
Jens L	276af8457d	root: make sentry DSN configurable (#4016 ) * make sentry DSN configurable Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * make proxy smarter Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix typo in config struct Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-11-15 16:05:29 +01:00
Jens L	55aa1897af	root: use single redis db (#4009 ) * use single redis db Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * cleanup prefixes Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * ensure __str__ always returns string Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix remaining old prefixes Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add release notes Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-11-15 14:31:29 +01:00
Jens Langhammer	6356ddd9f3	internal: replace ioutils Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-08-08 21:00:45 +02:00
Jens Langhammer	85640d402f	internal: fix race conditions when accessing settings before bootstrap Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-08-06 00:24:55 +02:00
Jens L	2ce8e18bab	internal: centralise config for listeners to use same config system everywhere (#3367 ) * centralise config for listeners to use same config system everywhere Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> #3360 * add docs Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-08-03 21:33:27 +02:00
Jens Langhammer	55739ee982	internal: add additional error handling in config loader Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-07-26 11:48:57 +02:00
Jens Langhammer	10b48b27b0	internal: walk config in go, check, parse and load from scheme like in python closes #2719 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-07-26 11:33:37 +02:00
Jens Langhammer	41eb44137e	internal: remove pkg/errors	2022-07-05 20:26:33 +00:00
Jens Langhammer	82a999f95d	internal: disable HTML encoding in logrus Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-04-04 22:57:55 +02:00
Jens Langhammer	621773c1ea	internal: rework global logging settings, embedded outpost no longer overwrites core, clean up double init Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-20 21:23:19 +01:00
Jens Langhammer	82acba26af	internal: fix sentry sample rate not applying to proxy Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-20 19:42:26 +01:00
Jens Langhammer	534689895c	lib: remove old load_local_files setting Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-11 22:03:06 +01:00
Jens Langhammer	0d02dbf55c	api: replace django sentry proxy with go proxy to prevent login issues Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-02 14:44:37 +01:00
Jens L	7158c9d2ea	core: metrics v2 (#1370 ) * outposts: add ldap metrics, move ping to 9100 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * outpost: add flow_executor metrics Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * use port 9300 for metrics, add core metrics port Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * outposts/controllers/k8s: add service monitor creation support Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-09 15:52:24 +02:00
Jens Langhammer	4c3a9e69f2	outposts/proxy: fix securecookie: no codecs provided error with redis Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-09 10:23:46 +02:00
Jens Langhammer	502393ee56	outpost/proxyv2: allow port offset via yaml Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-08 21:07:06 +02:00
Jens Langhammer	45731d8069	cmd: add option to disable embedded outpost Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-08-29 19:19:13 +02:00
Jens Langhammer	e02207f38d	outpost/embedded: use redis session backend Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-08-07 22:12:22 +02:00

1 2

56 Commits