authentik

mirror of https://github.com/goauthentik/authentik synced 2026-04-27 01:55:08 +02:00

Author	SHA1	Message	Date
Jens L.	a6775bc61e	tests: refactor test harness to split apart a single file (#21391 ) * re-instate previously flaky test Signed-off-by: Jens Langhammer <jens@goauthentik.io> * break up big file Signed-off-by: Jens Langhammer <jens@goauthentik.io> * move geoip data to subdir Signed-off-by: Jens Langhammer <jens@goauthentik.io> * i am but a weak man Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix ldap disconnect in testing Signed-off-by: Jens Langhammer <jens@goauthentik.io> * account for mismatched uid due to test server process Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2026-04-05 22:12:52 +02:00
Jens L.	d5ee53feb2	providers/ldap: inherit adjustable page size for LDAP searchers (#21377 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2026-04-04 22:42:35 +02:00
Marc 'risson' Schmitt	1ceb46ca15	providers/proxy: fix oidc client not using socket in embedded outpost (#21280 ) * providers/proxy: fix oidc client not using socket in embedded outpost Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * cleanup and switch Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2026-04-02 16:50:12 +02:00
dependabot[bot]	ba82c97409	core: bump beryju.io/ldap from 0.1.0 to 0.2.1 (#21235 ) * core: bump beryju.io/ldap from 0.1.0 to 0.2.1 Bumps [beryju.io/ldap](https://github.com/beryju/ldap) from 0.1.0 to 0.2.1. - [Commits](https://github.com/beryju/ldap/compare/v0.1.0...v0.2.1) --- updated-dependencies: - dependency-name: beryju.io/ldap dependency-version: 0.2.1 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * update code Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2026-04-02 14:37:00 +02:00
Jens L.	189251dc26	proviers/ldap: avoid concurrent header writes in API Client (#21223 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2026-03-29 20:52:49 +02:00
Marc 'risson' Schmitt	2f70351c90	packages/client-go: init (#21139 ) * packages/client-go: init Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * format Signed-off-by: Jens Langhammer <jens@goauthentik.io> * remove mod/sum Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix translate Signed-off-by: Jens Langhammer <jens@goauthentik.io> * no go replace Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update rust makefile with pwd Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * fix build Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> * don't need a version ig? Signed-off-by: Jens Langhammer <jens@goauthentik.io> * exclude go client from cspell Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix main docker build Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2026-03-25 15:26:50 +01:00
Marc 'risson' Schmitt	bc0cbdf4b6	internal: remove unix sockets on shutdown (#21081 )	2026-03-23 13:42:33 +00:00
Marc 'risson' Schmitt	e3ddc0422a	internal/outpost/ak: fix ws URL on outpost restart (#21041 )	2026-03-20 14:11:38 +00:00
Marc 'risson' Schmitt	4dfdf9afa3	root: allow listening on multiple IPs (#20930 )	2026-03-19 15:46:47 +00:00
Jens L.	ec7efa53cb	providers/proxy: move search path to query instead of runtime parameter (#20662 ) Co-authored-by: Dominic R <dominic@sdko.org>	2026-03-03 17:49:28 +00:00
Xabier Napal	35e025b25a	outpost/proxyv2: prevent panic in handleSignOut (#20097 ) outpost/proxyv2: use safe claims extraction in handleSignOut to prevent panic Signed-off-by: Xabier Napal <xabier.napal@dvzr.io>	2026-03-03 18:21:25 +01:00
Brolywood	17ab3a4b73	providers/proxy: preserve URL-encoded path characters in redirect (#20476 ) Use r.URL.EscapedPath() instead of r.URL.Path when building the redirect URL in redirectToStart(). The decoded Path field converts %2F to /, which url.JoinPath then collapses via path.Clean, stripping encoded slashes from the URL. EscapedPath() preserves the original encoding, fixing 301 redirects that break apps like RabbitMQ which use %2F in their API paths.	2026-02-23 17:30:47 +01:00
dependabot[bot]	122cee049a	core: bump library/golang from 1.25.5-trixie to 1.26.0-trixie in /lifecycle/container (#20381 ) * core: bump library/golang in /lifecycle/container Bumps library/golang from 1.25.5-trixie to 1.26.0-trixie. --- updated-dependencies: - dependency-name: library/golang dependency-version: 1.26.0-trixie dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * bump & fix Signed-off-by: Jens Langhammer <jens@goauthentik.io> * bump docs too Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2026-02-19 12:35:00 +00:00
Chetan Sarva	3f1a0f83ca	outpost/proxyv2: revalidate auth if session fails to load (#18063 )	2026-02-05 17:19:28 +00:00
Marc 'risson' Schmitt	85434710f3	root: update client-go generation (#19762 )	2026-01-26 19:51:38 +01:00
Jens L.	9cb7c74e1c	internal: fix certificate not refetched if fingerprint changes (#19761 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2026-01-26 17:07:35 +01:00
Vít Skalický	bc3a1f128b	providers/proxy: Fix incorrect comparison of redirect URL and CookieDomain (#15686 ) * Fix incorect comparison of redirect URL and CookieDomain. Fixes #15685 According to docs, URL.Host contains the host and port, while Hostname returns only the host without the port. CookieDomain obviously does not contain the port. string.HasSuffix function is used, so if a port is set in the redirect URL, this check always fails. * Fixed missing parentheses --------- Co-authored-by: Dewi Roberts <dewi@goauthentik.io>	2026-01-22 17:44:22 +00:00
Dominic R	3873f43ea3	outpost/proxyv2: fix stale session cookie causing 400 error in createState (#19026 )	2026-01-13 10:52:42 -05:00
Dominic R	a479c79b34	internal/outpost: improve PostgreSQL connection options parsing (#19118 ) * internal: Outpost's conn options should be base64 json * correctly parse target_session_attrs + tests * fix port handling to use env provided port * add multiple port handling abilities to mirror the python config parser --------- Co-authored-by: Duncan Tasker <tasatree@gmail.com>	2026-01-13 10:52:28 -05:00
Marc 'risson' Schmitt	1a4ae2f102	outpost/proxyv2: reduce max number of postgres connections (#19211 )	2026-01-06 18:19:41 +00:00
Connor Peshek	4ac01724a5	rbac: Add show all to roles tab, add role tab to groups (#19097 ) * improve sort order and inherit visual * Update web/src/admin/groups/GroupViewPage.ts Co-authored-by: Teffen Ellis <592134+GirlBossRush@users.noreply.github.com> Signed-off-by: Connor Peshek <connor@connorpeshek.me> * Update web/src/admin/users/UserViewPage.ts Co-authored-by: Teffen Ellis <592134+GirlBossRush@users.noreply.github.com> Signed-off-by: Connor Peshek <connor@connorpeshek.me> * Update web/src/admin/roles/RelatedRoleList.ts Co-authored-by: Teffen Ellis <592134+GirlBossRush@users.noreply.github.com> Signed-off-by: Connor Peshek <connor@connorpeshek.me> * Update web/src/admin/roles/RelatedRoleList.ts Co-authored-by: Teffen Ellis <592134+GirlBossRush@users.noreply.github.com> Signed-off-by: Connor Peshek <connor@connorpeshek.me> * Update web/src/admin/roles/RelatedRoleList.ts Co-authored-by: Teffen Ellis <592134+GirlBossRush@users.noreply.github.com> Signed-off-by: Connor Peshek <connor@connorpeshek.me> * Update web/src/admin/roles/RelatedRoleList.ts Co-authored-by: Teffen Ellis <592134+GirlBossRush@users.noreply.github.com> Signed-off-by: Connor Peshek <connor@connorpeshek.me> * setup include inherited roles and fix returning nothing * update api calls * fix rendering error * do not use set * change from exception handling * go off query param * fix wording * fix linting error for new group api structure --------- Signed-off-by: Connor Peshek <connor@connorpeshek.me> Co-authored-by: Teffen Ellis <592134+GirlBossRush@users.noreply.github.com>	2026-01-05 23:14:44 +00:00
Jens L.	9ef7f706e9	internal: don't warn on empty outpost for embedded (#18786 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2025-12-14 00:50:58 +01:00
Marcelo Elizeche Landó	15b93a5e9d	stages/identification: Add WebAuthn conditional UI (passkey autofill) support (#18377 ) * add passkey_login to identification stage * handle passkey auth in identification stage * Add passkey settings in identification stage in the admin UI * Add UI changes for basic passkey conditional login * Fix linting * rework Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update tests * update admin form * allow passing stage to validate_challenge_webauthn * update flows/tests/test_inspector.py * update for new field * Fix linting * update go solvers for identification challenge * Refactor tests * Skip mfa validation if user already authenticated via passkey at identification stage * Add skip_if_passkey_authenticated option to authenticator validate stage and UI * Add e2e test for passkey login conditional ui * add policy Signed-off-by: Jens Langhammer <jens@goauthentik.io> * Remove skip_if_passkey_authenticated * fix blueprint * Set backend so password stage policy knows user is already authenticated * Set backend so password stage policy knows user is already authenticated * fix linting * slight tweaks Signed-off-by: Jens Langhammer <jens@goauthentik.io> * simplify e2e test --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Signed-off-by: Marcelo Elizeche Landó <marcelo@goauthentik.io> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2025-12-11 11:49:05 -03:00
Dominic R	3353db0d7f	outpost/proxyv2: more tests, fix pg password with spaces, and existing session on restart (#18211 ) * outpost/proxyv2: handle PostgreSQL passwords with spaces and special characters And modify / add some more tests and a bit of refactoring * Potential fix for code scanning alert no. 268: Disabled TLS certificate check Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> Signed-off-by: Dominic R <dominic@sdko.org> * Revert "Potential fix for code scanning alert no. 268: Disabled TLS certificate check" This reverts commit `ead227a272`. * wip * fix incorrect status code in error response Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Dominic R <dominic@sdko.org> Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2025-12-11 14:25:41 +00:00
Simonyi Gergő	f7e23295ed	core: add digraph group hierarchy (#17050 ) * move imports * core: add digraph group hierarchy * move to permissions from Group or User to Role * set group parents on frontend * do not serialize `GroupParentageNode` directly * core: enforce unique group name on database level Signed-off-by: Jens Langhammer <jens@goauthentik.io> * use group parents in LDAP provider * add user-role relationship control to frontend * move materialized view to be more discoverable * add guardian to mypy exceptions * make `Role` a `ManagedModel` * fixup! make `Role` a `ManagedModel` * simplify `get_objects_for_user` * fix flaky unit test * rename `django-guardian` fork to `ak-guardian` * add tests around users/groups/roles * remove unused guardian config variable * simplify guardian file structure * clean up frontend * initial docs * remove `mode` from `InitialPermissions` This is no longer needed, since users no longer directly have permissions. * fixup! Merge branch 'main' into core/add-digraph-group-hierarchy * clean up docs for managing permissions * addendums from docs review * fixup! Merge branch 'main' into core/add-digraph-group-hierarchy * tweaks * dewi and tana edits to docs * tweak * truly final tweaks, for now * relabel Role Permissions table * clarify button label * fixup! Merge branch 'main' into core/add-digraph-group-hierarchy * fixup! Merge branch 'main' into core/add-digraph-group-hierarchy * merge migrations * fixup! Merge branch 'main' into core/add-digraph-group-hierarchy --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Tana M Berry <tana@goauthentik.io>	2025-12-08 12:04:04 +01:00
Jens L.	1aff2c2b3a	providers/radius: revert fix inverted message authenticator validation (#17855 ) (#17915 ) Revert "providers/radius: fix inverted message authenticator validation (#17855)" This reverts commit `09e3301c8f`.	2025-11-03 16:10:41 +01:00
Jens L.	894db1237a	internal: add default go http server timeouts (#17858 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2025-11-01 19:04:13 +01:00
Jens L.	09e3301c8f	providers/radius: fix inverted message authenticator validation (#17855 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2025-11-01 17:58:48 +01:00
Teffen Ellis	45d0c7c24b	web/a11y: Isolated Outpost Error Page (#17683 ) * web: Remove external resources from error page. * web: Remove home link.	2025-10-30 23:00:01 +00:00
Dominic R	ec00a918b3	outposts: update permissions more eagerly (#17783 ) * wip * wip * a * a Signed-off-by: Dominic R <dominic@sdko.org> * rm * this * rm test files * cover one more case Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Dominic R <dominic@sdko.org> Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2025-10-30 18:33:51 +01:00
Jens L.	9b6aa56df2	providers/radius: fix panic when no cert is configured (#17762 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2025-10-28 15:42:11 +01:00
Jens L.	e7235732bb	providers/proxy: fix missing JWT/claims header (#17759 ) * replace interface{} with any Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix raw token not saved to map or json Signed-off-by: Jens Langhammer <jens@goauthentik.io> * also fix proxy claims Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix test Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2025-10-28 15:14:07 +01:00
Jens L.	e2904d13a9	providers/proxy: add gorm logging (#17758 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2025-10-28 14:39:47 +01:00
Jens L.	e9347e88e1	providers/proxy: drop headers with underscores (#17650 ) drop any headers with underscores that we set in the remote system Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2025-10-22 15:19:34 +02:00
Jens L.	9847c3adc8	providers/proxy: fix missing postgres import (#17582 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2025-10-21 00:09:54 +02:00
Dominic R	795a025af9	outpost/proxyv2: postgresstore: db/pool/misc cleanup and enhancement (#17511 ) * wip * Update internal/outpost/proxyv2/application/session_postgres_test.go Signed-off-by: Dominic R <dominic@sdko.org> * Update refresh.go Co-authored-by: Jens L. <jens@goauthentik.io> Signed-off-by: Dominic R <dominic@sdko.org> --------- Signed-off-by: Dominic R <dominic@sdko.org> Co-authored-by: Jens L. <jens@goauthentik.io>	2025-10-20 16:25:13 +02:00
Dominic R	06bfcf04e3	outpost/proxyv2: postgresstore: credential refresh (#17414 ) * outpost/proxyv2: postgresstore: credential refresh * wip * mabye * mabye fix	2025-10-15 15:22:27 +02:00
Marc 'risson' Schmitt	23357f45e9	: remove Redis leftovers (#17146 ) : remove Redis leftovers Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> more removal Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * fix leftover Signed-off-by: Jens Langhammer <jens@goauthentik.io> * more removal Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * lint Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * fix broken anchor Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * re-add redis for previous version migrations Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2025-10-11 01:46:53 +02:00
Dominic R	6dde8bdd4a	outpost: proxyv2: Use Postgres for the Embedded Outpost (#16628 ) * wip Co-authored-by: Jens Langhammer <jens@goauthentik.io> Signed-off-by: Jens Langhammer <jens@goauthentik.io> Signed-off-by: Dominic R <dominic@sdko.org> * remove testing files * a * wip * pls * pls2 * a * Update authentik/providers/proxy/models.py Co-authored-by: Jens L. <jens@beryju.org> Signed-off-by: Dominic R <dominic@sdko.org> * makemigrations * pls * pls1000 * dont migrate in go Signed-off-by: Jens Langhammer <jens@goauthentik.io> * set uuid Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix more test cases Signed-off-by: Jens Langhammer <jens@goauthentik.io> * better logging Signed-off-by: Jens Langhammer <jens@goauthentik.io> * set gorm nowfunc (gorm defaults to local time) Signed-off-by: Jens Langhammer <jens@goauthentik.io> * improve test db closing Signed-off-by: Jens Langhammer <jens@goauthentik.io> * move expiration to field Signed-off-by: Jens Langhammer <jens@goauthentik.io> * dont' manually set table Signed-off-by: Jens Langhammer <jens@goauthentik.io> * refactor tests more Signed-off-by: Jens Langhammer <jens@goauthentik.io> * more refactor Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix em Signed-off-by: Jens Langhammer <jens@goauthentik.io> * postgres cleanup is done by worker Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update expiry and set expiring Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Signed-off-by: Dominic R <dominic@sdko.org> Co-authored-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens L. <jens@beryju.org>	2025-10-09 16:59:15 +02:00
Jens L.	68292fede2	enterprise/stages/mtls: Improve Email address extraction (#17068 ) * enterprise/stages/mtls: improve email attribute extraction Signed-off-by: Jens Langhammer <jens@goauthentik.io> * return error from outpost flow executor correctly Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2025-09-28 19:28:52 +02:00
Jens L.	4ec785a598	core/api: Better naming for partial user/group serializer, optimise bindings (#17022 ) * core: add index on Group.is_superuser (#17011) Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update go code Signed-off-by: Jens Langhammer <jens@goauthentik.io> * also optimise bindings Signed-off-by: Jens Langhammer <jens@goauthentik.io> * typo Signed-off-by: Jens Langhammer <jens@goauthentik.io> * remove unused Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>	2025-09-26 14:43:39 +02:00
Marc 'risson' Schmitt	9df7e50b8f	outposts/ldap: add pwdChangeTime attribute (#17010 ) * outposts/ldap: add pwdChangeTime attribute Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * simplify Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update schema Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2025-09-25 16:16:08 +02:00
Daniel Adu-Gyan	e415d3b667	providers/ldap: add include_children parameter to cached search mode (#16918 )	2025-09-25 14:41:33 +02:00
Katsushi Kobayashi	053c639aa8	outposts: fix flow executor when using subpath (#16947 ) * Refer refConfig's URL * Update internal/outpost/flow/executor.go Co-authored-by: Jens L. <jens@beryju.org> Signed-off-by: Katsushi Kobayashi <ikob@acm.org> --------- Signed-off-by: Katsushi Kobayashi <ikob@acm.org> Co-authored-by: Jens L. <jens@beryju.org>	2025-09-25 14:34:44 +02:00
Marco Lecheler	df33b4d3e9	website: fix docs links (#16926 ) * fix: add other docker-compose links * fix: update other docs urls	2025-09-24 11:48:33 -04:00
Jens L.	1f81d234cb	enterprise/providers/radius: add EAP-TLS support (#15702 ) * implement with library (backend) Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add outpost Signed-off-by: Jens Langhammer <jens@goauthentik.io> * format Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add basic docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add enterprise notice to certificate Signed-off-by: Jens Langhammer <jens@goauthentik.io> * clearer enterprise stuff Signed-off-by: Jens Langhammer <jens@goauthentik.io> * idk Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2025-09-23 23:54:09 +02:00
Jens L.	a38239509b	root: Better version bump (#14905 ) Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>	2025-08-12 13:50:12 +00:00
Dominic R	ffe767fe13	outpost: proxy: handle nil HTTP response in attemptBasicAuth function (#13781 ) * outpost: proxy: handle nil HTTP response in attemptBasicAuth function Fixes a nil pointer dereference that occurs when an HTTP request fails in the attemptBasicAuth function. Added additional checks to safely handle cases where the HTTP response or its body is nil. * add defer res.Body.Close() to prevent resource leaks in basic auth * oops * this * Revert "this" This reverts commit `7f7d110291`. * wip * better?	2025-08-12 11:40:18 +01:00
Tom Neuber	7ed3fed5c3	outpost/proxyv2: add session cleanup for filesystem session store (#15798 ) * proxyv2/filesystemstore: add persistent filesystem store to implement a session cleanup job * proxyv2: add session cleanup for filesystem session store	2025-08-09 20:13:39 +01:00
Daniel Adu-Gyan	ab1f87cfd6	core, providers/ldap: add parent/child groups to api and ldap results (#14974 )	2025-08-04 14:29:16 +02:00

1 2 3 4 5 ...

461 Commits