authentik

mirror of https://github.com/goauthentik/authentik synced 2026-05-03 21:02:04 +02:00

Author	SHA1	Message	Date
Jens L.	47206d3328	providers/oauth2: add initial JWE support (#11344 ) * providers/oauth2: add initial JWE support Signed-off-by: Jens Langhammer <jens@goauthentik.io> * re-migrate, only set id_token_encryption_* when encryption key is set Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add jwks test with encryption Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2024-10-17 14:04:19 +02:00
Marc 'risson' Schmitt	10580d8aa9	web/admin: display webauthn device type (#11481 ) * web/user,admin: display webauthn device type Co-authored-by: Simonyi Gergő <28359278+gergosimonyi@users.noreply.github.com> Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * fix Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * fix 2 Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Simonyi Gergő <28359278+gergosimonyi@users.noreply.github.com> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2024-10-14 22:57:45 +02:00
Jens L.	075944abba	providers/scim: add option to ignore SCIM server cert (#11437 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2024-10-14 17:03:58 +02:00
Jens L.	5b66dbe890	flows: provider invalidation (#5048 ) * add initial Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add web stage for session end Signed-off-by: Jens Langhammer <jens@goauthentik.io> * migrate saml and tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * cleanup Signed-off-by: Jens Langhammer <jens@goauthentik.io> * group flow settings when providers have multiple flows Signed-off-by: Jens Langhammer <jens@goauthentik.io> * adjust name for default provider invalidation Signed-off-by: Jens Langhammer <jens@goauthentik.io> * re-make migrations Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add invalidation_flow to saml importer Signed-off-by: Jens Langhammer <jens@goauthentik.io> * re-do migrations again Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update web stuff to get rid of old libraries Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make unbind flow for ldap configurable Signed-off-by: Jens Langhammer <jens@goauthentik.io> * unrelated: fix flow inspector Signed-off-by: Jens Langhammer <jens@goauthentik.io> * handle invalidation_flow as optional, as it should be Signed-off-by: Jens Langhammer <jens@goauthentik.io> * also fix ldap outpost Signed-off-by: Jens Langhammer <jens@goauthentik.io> * don't generate URL in client Signed-off-by: Jens Langhammer <jens@goauthentik.io> * actually make it work??? Signed-off-by: Jens Langhammer <jens@goauthentik.io> * format Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix migration breaking things...? Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start fixing tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix fallback Signed-off-by: Jens Langhammer <jens@goauthentik.io> * re-migrate Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix duplicate flow setting Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add migration Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix race condition with brand Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix oauth test Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix SAML tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add to wizard, fix required Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make required, start release notes Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2024-10-14 15:35:12 +02:00
Nicolas	77c595a0fd	sources/saml: fix NameIDFormat descriptor in metadata generation (#11614 ) * source/saml - Changed namespace of X509SSubjectName NameIDFormat Under the SAML2 Core spec (http://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf) 8.3.3 the URI of the 5.509 Subject Name contains SAML:1.1 and not SAML:2.0 * source/saml - Change NameIDFormat descriptor build logic to only append chosen format for the source. * Merge diff	2024-10-11 14:27:36 +02:00
Jens L.	dc4f341399	stages/identification: dynamically find login challenges (#11571 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2024-09-30 23:27:17 +02:00
Jens L.	975b6e53a6	release: 2024.8.3 (#11542 )	2024-09-27 16:58:04 +02:00
Jens L.	5822653155	release: 2024.8.2 (#11395 )	2024-09-16 15:02:51 +02:00
Jens L.	b8ae028d4d	root: backport release 2024.8.1 (#11273 ) release: 2024.8.1	2024-09-08 01:35:15 +02:00
Jens L.	02ae099bdf	root: version 2024.8 backport (#11166 ) * schemas: fix XML Schema loading...for some reason? Signed-off-by: Jens Langhammer <jens@goauthentik.io> * release: 2024.8.0-rc1 * release: 2024.8.0 Signed-off-by: Jens Langhammer <jens@goauthentik.io> # Conflicts: # .bumpversion.cfg --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2024-09-03 14:41:40 +02:00
Jens L.	a6225ad7a7	root: backport version bump (#11045 ) * fix outpost form not loading apps for correct type Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix bug from previous pr Signed-off-by: Jens Langhammer <jens@goauthentik.io> * release: 2024.6.4 --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2024-08-23 16:33:07 +02:00
Jens L.	41fbb6dbd7	enterprise: add up-to-date license status (#11042 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2024-08-23 14:05:19 +02:00
Jens L.	46acab3b2e	providers/scim: add API endpoint to sync single user (#8486 ) * add api Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add UI Signed-off-by: Jens Langhammer <jens@goauthentik.io> * format Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2024-08-22 16:38:55 +02:00
Jens L.	d577152f83	providers/SAML: encryption support (#10934 ) * providers/saml: add option to sign assertion and or response Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add encryption Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add form option Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add tests for API Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2024-08-17 21:10:28 +02:00
Jens L.	8f53d0b9f3	providers/ldap: Remove search group (#10639 ) * remove search_group Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make api operations cleaerer Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix migration Signed-off-by: Jens Langhammer <jens@goauthentik.io> * actually use get Signed-off-by: Jens Langhammer <jens@goauthentik.io> * use correct api client for ldap Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix migration Signed-off-by: Jens Langhammer <jens@goauthentik.io> * unrelated: fix migration warning Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> * unrelated: fix styling issue in dark mode Signed-off-by: Jens Langhammer <jens@goauthentik.io> * unrelated-ish fix button order in wizard Signed-off-by: Jens Langhammer <jens@goauthentik.io> * unrelated: fix missing css import Signed-off-by: Jens Langhammer <jens@goauthentik.io> * Optimised images with calibre/image-actions * Update index.md Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> Signed-off-by: Jens L. <jens@beryju.org> * Update index.md Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> Signed-off-by: Jens L. <jens@beryju.org> * Apply suggestions from code review Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> Signed-off-by: Jens L. <jens@beryju.org> * update release notes based on new template Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Signed-off-by: Jens L. <jens@beryju.org> Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com> Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>	2024-08-14 16:31:11 +02:00
Jens L.	bb9e679b9a	outposts: add better UI for showing mismatched versions (#10885 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2024-08-12 23:17:15 +02:00
Marc 'risson' Schmitt	a7203be850	providers: add provider/ prefix for property mappings API (#10874 )	2024-08-12 13:13:08 +00:00
Jens L.	a073b7a5b1	enterprise: add support for license flags (#10842 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2024-08-09 22:20:01 +02:00
Jens L.	4b5bb77d99	enterprise: UI improvements, better handling of expiry (#10828 ) * web/admin: show enterprise banner on the very top Signed-off-by: Jens Langhammer <jens@goauthentik.io> * rework license Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix a bunch of things Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add some more tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add more tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix middleware Signed-off-by: Jens Langhammer <jens@goauthentik.io> * better api Signed-off-by: Jens Langhammer <jens@goauthentik.io> * format Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add tests for and fix read only mode Signed-off-by: Jens Langhammer <jens@goauthentik.io> * field name consistency Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2024-08-09 14:26:38 +02:00
Marc 'risson' Schmitt	68af5b0572	sources/plex: add property mappings (#10772 )	2024-08-08 11:36:24 +02:00
Nicolas	19c3f7dd80	sources/saml: Basic support for EncryptedAssertion element. (#10099 ) * source/saml: Updated backend for encrypted assertion support * source/saml: all lint-fix checks passed * source/saml: Used Optional type instead of union, on enc_key_descriptor type hint * source/saml: request_encrypted_assertion model field migration * source/saml: Added 'noqa' comment to type hint on encryption key descriptor * small fix Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add to UI Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add some error handling Signed-off-by: Jens Langhammer <jens@goauthentik.io> * sources/saml: Pivot to encryption_kp model field, instead of request_encryption bool * sources/saml: Typo fix * re-create migrations Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update web Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add to release notes Signed-off-by: Jens Langhammer <jens@goauthentik.io> * unrelated fix Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add improve error handling, add tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * test metadata with encryption and remove WantAssertionsEncrypted since it's not in the schema Signed-off-by: Jens Langhammer <jens@goauthentik.io> * unrelated fix to radius path Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix unrelated fix...sigh Signed-off-by: Jens Langhammer <jens@goauthentik.io> * re-migrate Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2024-08-07 19:58:28 +02:00
Marc 'risson' Schmitt	83b02a17d5	sources: add property mappings for all oauth and saml sources (#8771 ) Co-authored-by: Jens L. <jens@goauthentik.io>	2024-08-07 19:14:22 +02:00
Marc 'risson' Schmitt	d8c3b8bad2	stages/authenticator: add created, last_updated and last_used metadata (#10636 ) * stages/authenticator: add created, last_updated and last_used metadata Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * lint Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * also show for users Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * set allow_null Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2024-08-07 14:09:49 +02:00
Simonyi Gergő	f7b16ed723	policies: add GeoIP policy (#10454 ) * add GeoIP policy * handle empty lists of ASNs and countries * handle missing GeoIP database or missing IP from the database The exceptions raised here are `PolicyException`s to let admins bypass an execution failure. * fix translations whoops * remove `GeoIPPolicyMode` Use the policy binding's `negate` option instead * fix `DataProvision` typing `ak-dual-select-provider` can handle unpaginated data * use `django-countries` instead of a static list of countries for ISO-3166 * simplify `GeoIPPolicyForm` * pass `GeoIPPolicy` on empty policy * add backend tests to `GeoIPPolicy` * revise translations * move `iso-3166/` to `policies/geoip_iso3166/` * add client-side caching to ISO3166 API call * fix `GeoIPPolicy` creation The automatically generated APIs can't seem to handle `CountryField`, so I'll have to do this by hand too. * add docs for GeoIP Policy * docs: stylize add review suggestions from @tanberry * refactor `GeoIPPolicy` API It is now as declarative as I could make it. * clean up `api.py` and `views.py`	2024-08-06 10:37:29 +00:00
Jens Langhammer	4363c899ac	release: 2024.6.3	2024-08-05 20:08:28 +02:00
Marc 'risson' Schmitt	b942ae7849	core: applications api: properly select provider (#10373 ) * core: applications api: properly select provider Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * fixup get_launch_url Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * Reapply "core: applications api: add option to only list apps with launch url (#10336)" (#10370) This reverts commit `763a19b914`. * wip Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * more fixes Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * make website Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * remove serializer change Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> --------- Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>	2024-08-05 16:23:00 +02:00
Jens L.	d24e2abe7f	rbac: rework API for terraform, add blueprint support (#10698 ) * rbac: rework API slightly to improve terraform compatibility Signed-off-by: Jens Langhammer <jens@goauthentik.io> * sigh https://www.django-rest-framework.org/api-guide/filtering/#filtering-and-object-lookups Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add permission support for users global permissions Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add role support to blueprints Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix yaml tags Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add generated read-only role Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix web Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make permissions optional Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add object permission support to blueprints Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests kinda Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add more tests and fix bugs Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2024-08-02 16:34:30 +02:00
Jens Langhammer	e60c36b889	release: 2024.6.2	2024-08-01 01:13:29 +02:00
Marc 'risson' Schmitt	3b1c42776b	sources/scim: add property mappings (#10650 ) * sources/scim: add property mappings Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * fix filterset Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * fix doc link Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * lint Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> --------- Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>	2024-07-29 22:32:51 +02:00
Marc 'risson' Schmitt	45e464368e	core: add primitives for source property mappings (#10651 )	2024-07-26 19:14:27 +02:00
Jens L.	61c6887e82	providers/radius: Add support for custom attributes (#10509 ) * unrelated: show logs for failed blueprints Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add dictionaries Signed-off-by: Jens Langhammer <jens@goauthentik.io> * unrelated: remove some unused api functions Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add initial api Signed-off-by: Jens Langhammer <jens@goauthentik.io> * placeholder backend Signed-off-by: Jens Langhammer <jens@goauthentik.io> * idk Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add proper mappings Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix Signed-off-by: Jens Langhammer <jens@goauthentik.io> * format Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2024-07-25 19:08:33 +02:00
Marc 'risson' Schmitt	ced4533890	sources/ldap: rename ldappropertymapping to ldapsourcepropertymapping (#10606 )	2024-07-25 16:09:36 +02:00
Marc 'risson' Schmitt	e65b905301	sources: refactor user connection api (#10607 )	2024-07-25 14:16:50 +02:00
Jens L.	5a8d580c86	core: b2c improvements p1 (#9257 ) * add default app and restrict Signed-off-by: Jens Langhammer <jens@goauthentik.io> * also pass raw email token for custom email templates Signed-off-by: Jens Langhammer <jens@goauthentik.io> * revoke access token when user logs out Signed-off-by: Jens Langhammer <jens@goauthentik.io> * remigrate Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add command to change user types Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add some docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> * blankable Signed-off-by: Jens Langhammer <jens@goauthentik.io> * actually fix tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2024-07-23 11:10:38 +02:00
Marc 'risson' Schmitt	1a6ac4740d	sources: introduce new property mappings per user and group (#8750 ) * sources: introduce new property mappings per-user and group Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * sources/ldap: migrate to new property mappings Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * lint-fix and make gen Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * web changes Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * fix tests Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * update tests Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * remove flatten for generic implem Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * rework migration Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * lint-fix Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * wip Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * fix migrations Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * re-add field migration to property mappings Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * fix migrations Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * more migrations fixes Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * easy fixes Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * migrate to propertymappingmanager Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * ruff and small fixes Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * move mapping things into a separate class Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * migrations: use using(db_alias) Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * migrations: use built-in variable Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * add docs Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * add release notes Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> --------- Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>	2024-07-22 15:26:22 +02:00
Ken Sternberg	b0507d2063	web: provide 'show password' button (#10337 ) * web: fix esbuild issue with style sheets Getting ESBuild, Lit, and Storybook to all agree on how to read and parse stylesheets is a serious pain. This fix better identifies the value types (instances) being passed from various sources in the repo to the three different kinds of style processors we're using (the native one, the polyfill one, and whatever the heck Storybook does internally). Falling back to using older CSS instantiating techniques one era at a time seems to do the trick. It's ugly, but in the face of the aggressive styling we use to avoid Flashes of Unstyled Content (FLoUC), it's the logic with which we're left. In standard mode, the following warning appears on the console when running a Flow: ``` Autofocus processing was blocked because a document already has a focused element. ``` In compatibility mode, the following error appears on the console when running a Flow: ``` crawler-inject.js:1106 Uncaught TypeError: Failed to execute 'observe' on 'MutationObserver': parameter 1 is not of type 'Node'. at initDomMutationObservers (crawler-inject.js:1106:18) at crawler-inject.js:1114:24 at Array.forEach (<anonymous>) at initDomMutationObservers (crawler-inject.js:1114:10) at crawler-inject.js:1549:1 initDomMutationObservers @ crawler-inject.js:1106 (anonymous) @ crawler-inject.js:1114 initDomMutationObservers @ crawler-inject.js:1114 (anonymous) @ crawler-inject.js:1549 ``` Despite this error, nothing seems to be broken and flows work as anticipated. * web: provide `show password` on login page Provide a `show password` icon, text, and button for the password field both in the IdentificationStage and the PasswordStage. Essentially the same code for both, although the id of the password field is unique to each. Requested by Cloudflare. Seems to be a common thing anyway. Should it be an administrative option that this facility is available? From where should I derive that information? I suspect the answer is "a site attribute," but I'd like to get confirmation. * web: comment doesn't need to be exposed. It's sufficient where it is . * web: fix button rendering issues During testing, the buttons did not change as expected. We are using pure DOM state to control the look of the button, and avoiding using `.requestUpdate()` to avoid losing customer input, so depending upon Lit to re-render just the button was an error. This commit goes old-school and updates the button's label and icon using standard DOM features, although we do lean into Lit-html`s `render()` function to create the DOM component for the icon. * web: provide `show password` on login page Provide a `show password` icon, text, and button for the password field both in the IdentificationStage and the PasswordStage. Essentially the same code for both, although the id of the password field is unique to each. Provide a configuration detail server-side to allow administrator to enable or disable the 'show password' feature. Off by default. Requested by Cloudflare. Seems to be a common thing anyway. Making it configurable wasn't in Cloudfare's request, but it seemed logical to add. * ensure the tests pass; quibbling over the wording of the admin field continues. * Removed some manually identified fluff. * web: break out `show password`-enabled input field into its own component Provides a `show password` field, but as a LightDOM-oriented web component. This form of input[type="password"] is for flows only, as it has a number of specializations for understanding a flow's validating round-trip, possible error messages within the challenge, and is left within the LightDOM both to support compatibility issues and to avoid using `elementInterals`, which is a DOM feature not supported by some older browsers. Avoids having to maintain two different instances of the same logic, both for permitting 'show password', and for handling it. * web: update PasswordStageForm according to lit-analyzer With lit-analyzer in the mix and functional, we're seeing new complaints about inconsistent typing in lit objects, and this was one of them. * Another lit-analyze error found.	2024-07-15 18:14:46 -07:00
Jens L	8db1d86c6b	flows: remove stage challenge type (#10476 ) * flows: remove stage challenge type Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix Signed-off-by: Jens Langhammer <jens@goauthentik.io> * improve coverage Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2024-07-13 18:37:29 +02:00
Jens Langhammer	f6a9773930	release: 2024.6.1	2024-07-11 22:50:33 +02:00
Jens L	bfc2fe7703	web/flows: Simplified flow executor (#10296 ) * initial sfe Signed-off-by: Jens Langhammer <jens@goauthentik.io> * build sfe Signed-off-by: Jens Langhammer <jens@goauthentik.io> * downgrade bootstrap Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix path Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make IE compatible Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix query string missing Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add autosubmit stage Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add background image Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add code support Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add support for combo ident/password Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix logo rendering Signed-off-by: Jens Langhammer <jens@goauthentik.io> * only use for edge 18 and before Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix lint Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add webauthn support Signed-off-by: Jens Langhammer <jens@goauthentik.io> * migrate to TS for some creature comforts Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix ci Signed-off-by: Jens Langhammer <jens@goauthentik.io> * dedupe dependabot Signed-off-by: Jens Langhammer <jens@goauthentik.io> * use API client...kinda Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add more docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add more polyfills yay Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix Signed-off-by: Jens Langhammer <jens@goauthentik.io> * turn powered by into span prevent issues in restricted browsers where users might not be able to return Signed-off-by: Jens Langhammer <jens@goauthentik.io> * allow non-link footer entries Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tsc errors Signed-off-by: Jens Langhammer <jens@goauthentik.io> * Apply suggestions from code review Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> Signed-off-by: Jens L. <jens@beryju.org> * auto switch for macos Signed-off-by: Jens Langhammer <jens@goauthentik.io> * reword Signed-off-by: Jens Langhammer <jens@goauthentik.io> * Update website/docs/flow/executors/if-flow.md Signed-off-by: Jens L. <jens@beryju.org> * format Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Signed-off-by: Jens L. <jens@beryju.org> Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>	2024-07-05 19:24:37 +02:00
Marc 'risson' Schmitt	0fe751269e	outposts: make refresh interval configurable (#10138 ) * outposts: make refresh interval configurable Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * frontend Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * black again Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * switch to using config attribute Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * lint Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> --------- Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>	2024-07-05 13:14:28 +02:00
Marc 'risson' Schmitt	763a19b914	Revert "core: applications api: add option to only list apps with launch url (#10336 )" (#10370 )	2024-07-04 13:29:33 +02:00
Marc 'risson' Schmitt	42e0ff6492	core: applications api: add option to only list apps with launch url (#10336 )	2024-07-03 17:56:08 +02:00
Marc 'risson' Schmitt	98c8402f11	web/admin: show matching user reputation scores in user details (#10276 ) Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2024-06-28 12:18:38 +00:00
Marc 'risson' Schmitt	35cd126406	release: 2024.6.0-rc1	2024-06-14 18:42:26 +02:00
gcp-cherry-pick-bot[bot]	cb8379031a	admin: system api: fix FIPS status schema (cherry-pick #10110 ) (#10112 ) admin: system api: fix FIPS status schema (#10110) Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>	2024-06-15 00:27:33 +09:00
Marc 'risson' Schmitt	b8cbdcae22	admin: system api: do not show FIPS status if no valid license (#10091 ) * admin: system api: do not show FIPS status if no valid license Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * also for outposts Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * black Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> --------- Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>	2024-06-14 12:52:24 +02:00
Jens L	88e9c9b669	providers/sync: improve v3 (#9966 ) * make external id field externally visible Signed-off-by: Jens Langhammer <jens@goauthentik.io> * catch up scim provider Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add missing views to scim provider Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make neither user nor group required for mapping testing Signed-off-by: Jens Langhammer <jens@goauthentik.io> * improve SkipObject handling Signed-off-by: Jens Langhammer <jens@goauthentik.io> * allow deletion of connection objects Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make entra logs less noisy Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make event_matcher less noisy Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2024-06-06 12:47:48 +09:00
Jens L	6cf418a37e	stages/captcha: rework (#9959 ) * stages/captcha: rework Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update form with continue option Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update docs, add notes for scores Signed-off-by: Jens Langhammer <jens@goauthentik.io> * also only raise error from success if needed Signed-off-by: Jens Langhammer <jens@goauthentik.io> * return full data Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2024-06-04 18:25:38 +09:00
Jens L	50fffa72cc	lib/providers/sync: improve outgoing sync (#9835 ) * make connection objects not updatable but allow creating with provider Signed-off-by: Jens Langhammer <jens@goauthentik.io> * save data returned from google/entra and show it in UI Signed-off-by: Jens Langhammer <jens@goauthentik.io> * pass connection object Signed-off-by: Jens Langhammer <jens@goauthentik.io> * set immutable id on user automatically Signed-off-by: Jens Langhammer <jens@goauthentik.io> * better define transient error codes Signed-off-by: Jens Langhammer <jens@goauthentik.io> * format Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix entra Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2024-05-30 10:40:10 +09:00
Jens L	0974456ac8	core: add option to select group for property mapping testing (#9834 ) * make naming consistent, p1 Signed-off-by: Jens Langhammer <jens@goauthentik.io> * p2 Signed-off-by: Jens Langhammer <jens@goauthentik.io> * core: add option to select group for property mapping testing Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2024-05-24 13:32:19 +02:00

... 3 4 5 6 7 ...

794 Commits