authentik

mirror of https://github.com/goauthentik/authentik synced 2026-04-27 09:57:31 +02:00

Author	SHA1	Message	Date
Marc 'risson' Schmitt	1ceb46ca15	providers/proxy: fix oidc client not using socket in embedded outpost (#21280 ) * providers/proxy: fix oidc client not using socket in embedded outpost Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * cleanup and switch Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2026-04-02 16:50:12 +02:00
Marc 'risson' Schmitt	2f70351c90	packages/client-go: init (#21139 ) * packages/client-go: init Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * format Signed-off-by: Jens Langhammer <jens@goauthentik.io> * remove mod/sum Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix translate Signed-off-by: Jens Langhammer <jens@goauthentik.io> * no go replace Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update rust makefile with pwd Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * fix build Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> * don't need a version ig? Signed-off-by: Jens Langhammer <jens@goauthentik.io> * exclude go client from cspell Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix main docker build Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2026-03-25 15:26:50 +01:00
Marc 'risson' Schmitt	4dfdf9afa3	root: allow listening on multiple IPs (#20930 )	2026-03-19 15:46:47 +00:00
Jens L.	ec7efa53cb	providers/proxy: move search path to query instead of runtime parameter (#20662 ) Co-authored-by: Dominic R <dominic@sdko.org>	2026-03-03 17:49:28 +00:00
Xabier Napal	35e025b25a	outpost/proxyv2: prevent panic in handleSignOut (#20097 ) outpost/proxyv2: use safe claims extraction in handleSignOut to prevent panic Signed-off-by: Xabier Napal <xabier.napal@dvzr.io>	2026-03-03 18:21:25 +01:00
Brolywood	17ab3a4b73	providers/proxy: preserve URL-encoded path characters in redirect (#20476 ) Use r.URL.EscapedPath() instead of r.URL.Path when building the redirect URL in redirectToStart(). The decoded Path field converts %2F to /, which url.JoinPath then collapses via path.Clean, stripping encoded slashes from the URL. EscapedPath() preserves the original encoding, fixing 301 redirects that break apps like RabbitMQ which use %2F in their API paths.	2026-02-23 17:30:47 +01:00
dependabot[bot]	122cee049a	core: bump library/golang from 1.25.5-trixie to 1.26.0-trixie in /lifecycle/container (#20381 ) * core: bump library/golang in /lifecycle/container Bumps library/golang from 1.25.5-trixie to 1.26.0-trixie. --- updated-dependencies: - dependency-name: library/golang dependency-version: 1.26.0-trixie dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * bump & fix Signed-off-by: Jens Langhammer <jens@goauthentik.io> * bump docs too Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2026-02-19 12:35:00 +00:00
Chetan Sarva	3f1a0f83ca	outpost/proxyv2: revalidate auth if session fails to load (#18063 )	2026-02-05 17:19:28 +00:00
Marc 'risson' Schmitt	85434710f3	root: update client-go generation (#19762 )	2026-01-26 19:51:38 +01:00
Vít Skalický	bc3a1f128b	providers/proxy: Fix incorrect comparison of redirect URL and CookieDomain (#15686 ) * Fix incorect comparison of redirect URL and CookieDomain. Fixes #15685 According to docs, URL.Host contains the host and port, while Hostname returns only the host without the port. CookieDomain obviously does not contain the port. string.HasSuffix function is used, so if a port is set in the redirect URL, this check always fails. * Fixed missing parentheses --------- Co-authored-by: Dewi Roberts <dewi@goauthentik.io>	2026-01-22 17:44:22 +00:00
Dominic R	3873f43ea3	outpost/proxyv2: fix stale session cookie causing 400 error in createState (#19026 )	2026-01-13 10:52:42 -05:00
Dominic R	a479c79b34	internal/outpost: improve PostgreSQL connection options parsing (#19118 ) * internal: Outpost's conn options should be base64 json * correctly parse target_session_attrs + tests * fix port handling to use env provided port * add multiple port handling abilities to mirror the python config parser --------- Co-authored-by: Duncan Tasker <tasatree@gmail.com>	2026-01-13 10:52:28 -05:00
Marc 'risson' Schmitt	1a4ae2f102	outpost/proxyv2: reduce max number of postgres connections (#19211 )	2026-01-06 18:19:41 +00:00
Jens L.	9ef7f706e9	internal: don't warn on empty outpost for embedded (#18786 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2025-12-14 00:50:58 +01:00
Dominic R	3353db0d7f	outpost/proxyv2: more tests, fix pg password with spaces, and existing session on restart (#18211 ) * outpost/proxyv2: handle PostgreSQL passwords with spaces and special characters And modify / add some more tests and a bit of refactoring * Potential fix for code scanning alert no. 268: Disabled TLS certificate check Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> Signed-off-by: Dominic R <dominic@sdko.org> * Revert "Potential fix for code scanning alert no. 268: Disabled TLS certificate check" This reverts commit `ead227a272`. * wip * fix incorrect status code in error response Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Dominic R <dominic@sdko.org> Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2025-12-11 14:25:41 +00:00
Jens L.	894db1237a	internal: add default go http server timeouts (#17858 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2025-11-01 19:04:13 +01:00
Teffen Ellis	45d0c7c24b	web/a11y: Isolated Outpost Error Page (#17683 ) * web: Remove external resources from error page. * web: Remove home link.	2025-10-30 23:00:01 +00:00
Dominic R	ec00a918b3	outposts: update permissions more eagerly (#17783 ) * wip * wip * a * a Signed-off-by: Dominic R <dominic@sdko.org> * rm * this * rm test files * cover one more case Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Dominic R <dominic@sdko.org> Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2025-10-30 18:33:51 +01:00
Jens L.	e7235732bb	providers/proxy: fix missing JWT/claims header (#17759 ) * replace interface{} with any Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix raw token not saved to map or json Signed-off-by: Jens Langhammer <jens@goauthentik.io> * also fix proxy claims Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix test Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2025-10-28 15:14:07 +01:00
Jens L.	e2904d13a9	providers/proxy: add gorm logging (#17758 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2025-10-28 14:39:47 +01:00
Jens L.	e9347e88e1	providers/proxy: drop headers with underscores (#17650 ) drop any headers with underscores that we set in the remote system Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2025-10-22 15:19:34 +02:00
Jens L.	9847c3adc8	providers/proxy: fix missing postgres import (#17582 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2025-10-21 00:09:54 +02:00
Dominic R	795a025af9	outpost/proxyv2: postgresstore: db/pool/misc cleanup and enhancement (#17511 ) * wip * Update internal/outpost/proxyv2/application/session_postgres_test.go Signed-off-by: Dominic R <dominic@sdko.org> * Update refresh.go Co-authored-by: Jens L. <jens@goauthentik.io> Signed-off-by: Dominic R <dominic@sdko.org> --------- Signed-off-by: Dominic R <dominic@sdko.org> Co-authored-by: Jens L. <jens@goauthentik.io>	2025-10-20 16:25:13 +02:00
Dominic R	06bfcf04e3	outpost/proxyv2: postgresstore: credential refresh (#17414 ) * outpost/proxyv2: postgresstore: credential refresh * wip * mabye * mabye fix	2025-10-15 15:22:27 +02:00
Dominic R	6dde8bdd4a	outpost: proxyv2: Use Postgres for the Embedded Outpost (#16628 ) * wip Co-authored-by: Jens Langhammer <jens@goauthentik.io> Signed-off-by: Jens Langhammer <jens@goauthentik.io> Signed-off-by: Dominic R <dominic@sdko.org> * remove testing files * a * wip * pls * pls2 * a * Update authentik/providers/proxy/models.py Co-authored-by: Jens L. <jens@beryju.org> Signed-off-by: Dominic R <dominic@sdko.org> * makemigrations * pls * pls1000 * dont migrate in go Signed-off-by: Jens Langhammer <jens@goauthentik.io> * set uuid Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix more test cases Signed-off-by: Jens Langhammer <jens@goauthentik.io> * better logging Signed-off-by: Jens Langhammer <jens@goauthentik.io> * set gorm nowfunc (gorm defaults to local time) Signed-off-by: Jens Langhammer <jens@goauthentik.io> * improve test db closing Signed-off-by: Jens Langhammer <jens@goauthentik.io> * move expiration to field Signed-off-by: Jens Langhammer <jens@goauthentik.io> * dont' manually set table Signed-off-by: Jens Langhammer <jens@goauthentik.io> * refactor tests more Signed-off-by: Jens Langhammer <jens@goauthentik.io> * more refactor Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix em Signed-off-by: Jens Langhammer <jens@goauthentik.io> * postgres cleanup is done by worker Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update expiry and set expiring Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Signed-off-by: Dominic R <dominic@sdko.org> Co-authored-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens L. <jens@beryju.org>	2025-10-09 16:59:15 +02:00
Marco Lecheler	df33b4d3e9	website: fix docs links (#16926 ) * fix: add other docker-compose links * fix: update other docs urls	2025-09-24 11:48:33 -04:00
Dominic R	ffe767fe13	outpost: proxy: handle nil HTTP response in attemptBasicAuth function (#13781 ) * outpost: proxy: handle nil HTTP response in attemptBasicAuth function Fixes a nil pointer dereference that occurs when an HTTP request fails in the attemptBasicAuth function. Added additional checks to safely handle cases where the HTTP response or its body is nil. * add defer res.Body.Close() to prevent resource leaks in basic auth * oops * this * Revert "this" This reverts commit `7f7d110291`. * wip * better?	2025-08-12 11:40:18 +01:00
Tom Neuber	7ed3fed5c3	outpost/proxyv2: add session cleanup for filesystem session store (#15798 ) * proxyv2/filesystemstore: add persistent filesystem store to implement a session cleanup job * proxyv2: add session cleanup for filesystem session store	2025-08-09 20:13:39 +01:00
Jens L.	88fa7e37dc	outposts: Refactor session end signal and add LDAP support (#14539 ) * outpost: promote session end signal to non-provider specific Signed-off-by: Jens Langhammer <jens@goauthentik.io> * implement server-side logout in ldap Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix previous import Signed-off-by: Jens Langhammer <jens@goauthentik.io> * use better retry logic Signed-off-by: Jens Langhammer <jens@goauthentik.io> * log Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make more generic if we switch from ws to something else Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make it possible to e2e test WS Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix ldap session id Signed-off-by: Jens Langhammer <jens@goauthentik.io> * ok I actually need to go to bed this took me an hour to fix Signed-off-by: Jens Langhammer <jens@goauthentik.io> * format; add ldap test Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix leftover state Signed-off-by: Jens Langhammer <jens@goauthentik.io> * remove thread Signed-off-by: Jens Langhammer <jens@goauthentik.io> * use ws base for radius Signed-off-by: Jens Langhammer <jens@goauthentik.io> * separate test utils Signed-off-by: Jens Langhammer <jens@goauthentik.io> * rename Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix missing super calls Signed-off-by: Jens Langhammer <jens@goauthentik.io> * websocket tests with browser 🎉 Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add proxy test for sign out Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix install_id issue with channels tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix proxy basic auth test Signed-off-by: Jens Langhammer <jens@goauthentik.io> * big code dedupe Signed-off-by: Jens Langhammer <jens@goauthentik.io> * allow passing go build args Signed-off-by: Jens Langhammer <jens@goauthentik.io> * improve waiting for outpost Signed-off-by: Jens Langhammer <jens@goauthentik.io> * rewrite ldap tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * ok actually fix the tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * undo a couple things that need more time to cook Signed-off-by: Jens Langhammer <jens@goauthentik.io> * remove unused lockfile-lint dependency since we use a shell script and SFE does not have a lockfile Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix session id for ldap Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix missing createTimestamp and modifyTimestamp ldap attributes closes #10474 Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2025-06-10 12:11:21 +02:00
Jens L.	dea2d67ceb	internal/outpost: fix incorrect usage of golang SHA API (#14981 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2025-06-09 20:57:36 +02:00
Jens L.	b7417e77c7	outposts: remove duplicate startup/setup code, add pyroscope, make sentry not reconfigure every time (#14724 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2025-06-07 03:01:00 +02:00
Jens L.	a306cecb73	providers/proxy: add option to override host header with property mappings (#14927 )	2025-06-06 14:54:59 +02:00
Jens L.	65517f3b7f	enterprise/stages: Add MTLS stage (#14296 ) * prepare client auth with inbuilt server Signed-off-by: Jens Langhammer <jens@goauthentik.io> * introduce better IPC auth Signed-off-by: Jens Langhammer <jens@goauthentik.io> * init Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start stage Signed-off-by: Jens Langhammer <jens@goauthentik.io> * only allow trusted proxies to set MTLS headers Signed-off-by: Jens Langhammer <jens@goauthentik.io> * more stage progress Signed-off-by: Jens Langhammer <jens@goauthentik.io> * dont fail if ipc_key doesn't exist Signed-off-by: Jens Langhammer <jens@goauthentik.io> * actually install app Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add some tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update API Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix unquote Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix int serial number not jsonable Signed-off-by: Jens Langhammer <jens@goauthentik.io> * init ui Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add UI Signed-off-by: Jens Langhammer <jens@goauthentik.io> * unrelated: fix git pull in makefile Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix parse helper Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add test for outpost Signed-off-by: Jens Langhammer <jens@goauthentik.io> * more tests and improvements Signed-off-by: Jens Langhammer <jens@goauthentik.io> * improve labels Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add support for multiple CAs on brand Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add support for multiple CAs to MTLS stage Signed-off-by: Jens Langhammer <jens@goauthentik.io> * dont log ipcuser secret views Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix go mod Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2025-05-19 22:48:17 +02:00
dependabot[bot]	84b5992e55	ci: bump golangci/golangci-lint-action from 6 to 7 (#13661 ) * ci: bump golangci/golangci-lint-action from 6 to 7 Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) from 6 to 7. - [Release notes](https://github.com/golangci/golangci-lint-action/releases) - [Commits](https://github.com/golangci/golangci-lint-action/compare/v6...v7) --- updated-dependencies: - dependency-name: golangci/golangci-lint-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * fix lint Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix v2 Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix v3 Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2025-03-26 18:03:20 +01:00
Jens L.	f37e1ca642	brands: migrate custom CSS to brands (#13172 ) * brands: migrate custom CSS to brands Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix missing default Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * simpler migration Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add css to brand form Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2025-03-19 22:52:38 +00:00
Andrea Scarpino	94eff50306	root: redis, make sure tlscacert isn't an empty string (#12407 ) * root: redis, make sure tlscacert isn't an empty string * make TLSCaCert a string instead of pointer Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2025-01-13 20:14:26 +01:00
Jens L.	40a7135c0c	core: app entitlements (#12090 ) * core: initial app entitlements Signed-off-by: Jens Langhammer <jens@goauthentik.io> * base off of pbm Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add tests and oauth2 Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add to proxy Signed-off-by: Jens Langhammer <jens@goauthentik.io> * rewrite to use bindings Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make policy bindings form and list more customizable Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * double fix Signed-off-by: Jens Langhammer <jens@goauthentik.io> * refine permissions Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add missing rbac modal to app entitlements Signed-off-by: Jens Langhammer <jens@goauthentik.io> * separate scope for app entitlements Signed-off-by: Jens Langhammer <jens@goauthentik.io> * include entitlements mapping in proxy Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add API validation to prevent policies from being bound to entitlements Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make preview Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add initial docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix Signed-off-by: Jens Langhammer <jens@goauthentik.io> * remove duplicate docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2024-12-18 14:32:44 +01:00
Jens L.	d4bf3b7068	root: check remote IP for proxy protocol same as HTTP/etc (#12094 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2024-11-20 21:33:35 +01:00
Jens L.	a892d4afd8	providers/proxy: fix Issuer when AUTHENTIK_HOST_BROWSER is set (#11968 ) correctly use host_browser's hostname as host header for token requests to ensure Issuer is identical	2024-11-13 00:54:40 +01:00
Simon Erhardt	f482937474	providers/proxy: fix handling of AUTHENTIK_HOST_BROWSER (#11722 ) * providers/proxy: fix handling of AUTHENTIK_HOST_BROWSER (#9622/#4688/#6476) * chore: fix tests	2024-10-24 16:34:45 +02:00
Jens L.	dc1562a7de	internal: restore /ping behaviour for embedded outpost (#11568 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2024-09-30 18:44:03 +02:00
Jens L.	ad3820c11c	providers/proxy: fix panic, keep session storages open (#11439 ) * fix panic when redis connection fails Signed-off-by: Jens Langhammer <jens@goauthentik.io> * re-use session when refreshing apps Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2024-09-19 23:05:58 +02:00
Jens L.	171d0f55cb	providers/proxy: fix URL path getting lost when partial URL is given to rd= (#11354 ) * providers/proxy: fix URL path getting lost when partial URL is given to rd= Signed-off-by: Jens Langhammer <jens@goauthentik.io> * better fallback + tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2024-09-12 18:02:08 +02:00
Jens L.	1b285f85c0	outposts: implement general paginator for list API requests (#10619 ) * outposts: implement general paginator Signed-off-by: Jens Langhammer <jens@goauthentik.io> * migrate LDAP Signed-off-by: Jens Langhammer <jens@goauthentik.io> * change main outpost refresh logic to use paginator everywhere Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add comments to understand anything Signed-off-by: Jens Langhammer <jens@goauthentik.io> * actually use paginator everywhere Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2024-07-29 22:14:18 +02:00
Jens L	b8560f2a86	providers/proxy: bump go-oidc to v3 (#10432 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2024-07-10 12:54:45 +02:00
Jens L	bfc2fe7703	web/flows: Simplified flow executor (#10296 ) * initial sfe Signed-off-by: Jens Langhammer <jens@goauthentik.io> * build sfe Signed-off-by: Jens Langhammer <jens@goauthentik.io> * downgrade bootstrap Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix path Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make IE compatible Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix query string missing Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add autosubmit stage Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add background image Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add code support Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add support for combo ident/password Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix logo rendering Signed-off-by: Jens Langhammer <jens@goauthentik.io> * only use for edge 18 and before Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix lint Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add webauthn support Signed-off-by: Jens Langhammer <jens@goauthentik.io> * migrate to TS for some creature comforts Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix ci Signed-off-by: Jens Langhammer <jens@goauthentik.io> * dedupe dependabot Signed-off-by: Jens Langhammer <jens@goauthentik.io> * use API client...kinda Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add more docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add more polyfills yay Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix Signed-off-by: Jens Langhammer <jens@goauthentik.io> * turn powered by into span prevent issues in restricted browsers where users might not be able to return Signed-off-by: Jens Langhammer <jens@goauthentik.io> * allow non-link footer entries Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tsc errors Signed-off-by: Jens Langhammer <jens@goauthentik.io> * Apply suggestions from code review Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> Signed-off-by: Jens L. <jens@beryju.org> * auto switch for macos Signed-off-by: Jens Langhammer <jens@goauthentik.io> * reword Signed-off-by: Jens Langhammer <jens@goauthentik.io> * Update website/docs/flow/executors/if-flow.md Signed-off-by: Jens L. <jens@beryju.org> * format Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Signed-off-by: Jens L. <jens@beryju.org> Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>	2024-07-05 19:24:37 +02:00
Jens L	29f3e2789d	web: set noopener and noreferrer on all external links (#10304 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2024-07-02 00:29:32 +02:00
Jens L	c45bb8e985	providers/proxy: rework redirect mechanism (#8594 ) * providers/proxy: rework redirect mechanism Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add session id, don't tie to state in session Signed-off-by: Jens Langhammer <jens@goauthentik.io> * handle state failing to parse Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix Signed-off-by: Jens Langhammer <jens@goauthentik.io> * save session after creating state Signed-off-by: Jens Langhammer <jens@goauthentik.io> * remove debug Signed-off-by: Jens Langhammer <jens@goauthentik.io> * include task expiry in status Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix redirect URL detection Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2024-05-06 03:07:08 +02:00
Jens L	a742331484	root: make redis settings more consistent (#9335 ) * make redis settings more consistent Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add support to go Signed-off-by: Jens Langhammer <jens@goauthentik.io> * rewrite url Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix redis connect in wait_for_db Signed-off-by: Jens Langhammer <jens@goauthentik.io> * censor password when logging error Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> * reword docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add redis url generation helper Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2024-04-18 16:49:41 +02:00
Max	1b81973358	outposts/proxy: Fix invalid redirect on external hosts containing path components (#8915 ) * outposts/proxy: Fix invalid redirect on external hosts containing path components Signed-off-by: Max <github@germancoding.com> * outposts/proxy: Fix test for changed redirect logic Signed-off-by: Max <github@germancoding.com> --------- Signed-off-by: Max <github@germancoding.com>	2024-03-19 20:31:08 +01:00

1 2 3 4 5

249 Commits