eliott/authentik
1
0
Fork 0
mirror of https://github.com/goauthentik/authentik synced 2026-05-11 17:36:35 +02:00
Code Issues Packages Projects Releases Wiki Activity
21,675 Commits 344 Branches 441 Tags
e7fcfb7e67d5df3e8a8a5da170f18fa4c6b98731
Commit Graph

21675 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
transifex-integration[bot]
61377e9b13 translate: Updates for project authentik and language ja_JP (#18755) 
Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
 2025-12-11 17:40:20 +00:00
transifex-integration[bot]
a225d68f52 translate: Updates for project authentik and language de_DE (#18749) 
Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
 2025-12-11 17:39:43 +00:00
transifex-integration[bot]
0afe14a52f translate: Updates for project authentik and language nl_NL (#18751) 
Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
 2025-12-11 17:38:07 +00:00
transifex-integration[bot]
2442759fc2 translate: Updates for project authentik and language pt_BR (#18746) 
Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
 2025-12-11 17:35:04 +00:00
transifex-integration[bot]
0c19d1ec61 translate: Updates for project authentik and language es_ES (#18748) 
Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
 2025-12-11 17:31:13 +00:00
transifex-integration[bot]
1bda55de9f translate: Updates for project authentik and language it_IT (#18750) 
Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
 2025-12-11 17:26:30 +00:00
transifex-integration[bot]
da975c3086 translate: Updates for project authentik and language cs_CZ (#18753) 
Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
 2025-12-11 17:14:54 +00:00
transifex-integration[bot]
37937422ce translate: Updates for project authentik and language fr_FR (#18747) 
Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
 2025-12-11 17:13:15 +00:00
Marcelo Elizeche Landó
15b93a5e9d stages/identification: Add WebAuthn conditional UI (passkey autofill) support (#18377) 
* add passkey_login to identification stage

* handle passkey auth in identification stage

* Add passkey settings in identification stage in the admin UI

* Add UI changes for basic passkey conditional login

* Fix linting

* rework

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update tests

* update admin form

* allow passing stage to validate_challenge_webauthn

* update flows/tests/test_inspector.py

* update for new field

* Fix linting

* update go solvers for identification challenge

* Refactor tests

* Skip mfa validation if user already authenticated via passkey at identification stage

* Add skip_if_passkey_authenticated option to authenticator validate stage and UI

* Add e2e test for passkey login conditional ui

* add policy

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* Remove skip_if_passkey_authenticated

* fix blueprint

* Set backend so password stage policy knows user is already authenticated

* Set backend so password stage policy knows user is already authenticated

* fix linting

* slight tweaks

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* simplify e2e test

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Marcelo Elizeche Landó <marcelo@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
 2025-12-11 11:49:05 -03:00
Nuno Alves
196bce348f api: allow configuring default page_size and max_page_size (#18165) 
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
 2025-12-11 14:45:50 +00:00
Marc 'risson' Schmitt
a0c33233d5 root: do not require backend approval for npm workspace dependencies (#18738) 2025-12-11 14:45:34 +00:00
Dominic R
3353db0d7f outpost/proxyv2: more tests, fix pg password with spaces, and existing session on restart (#18211) 
* outpost/proxyv2: handle PostgreSQL passwords with spaces and special characters

And modify / add some more tests and a bit of refactoring

* Potential fix for code scanning alert no. 268: Disabled TLS certificate check

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
Signed-off-by: Dominic R <dominic@sdko.org>

* Revert "Potential fix for code scanning alert no. 268: Disabled TLS certificate check"

This reverts commit ead227a272.

* wip

* fix incorrect status code in error response

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Dominic R <dominic@sdko.org>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
 2025-12-11 14:25:41 +00:00
dependabot[bot]
d1a3f76188 web: bump @types/guacamole-common-js from 1.5.4 to 1.5.5 in /web (#18717) 
Bumps [@types/guacamole-common-js](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/guacamole-common-js) from 1.5.4 to 1.5.5.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/guacamole-common-js)

---
updated-dependencies:
- dependency-name: "@types/guacamole-common-js"
  dependency-version: 1.5.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-11 14:42:36 +01:00
Hosh
224eb938c2 lib: do not strip and re-add curly braces from raw JSON config (#13769) 
* Do not strip and re-add curly braces from JSON

Signed-off-by: Hosh <hoshsadiq@users.noreply.github.com>

* Fix tests

---------

Signed-off-by: Hosh <hoshsadiq@users.noreply.github.com>
Co-authored-by: Hosh <hoshsadiq@users.noreply.github.com>
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
 2025-12-11 13:29:48 +01:00
dependabot[bot]
49fafa1e7c core: bump library/nginx from 325b00a to fb01117 in /website (#18737) 
Bumps library/nginx from `325b00a` to `fb01117`.

---
updated-dependencies:
- dependency-name: library/nginx
  dependency-version: 1.29-trixie
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-11 12:51:18 +01:00
dependabot[bot]
6f1c486dca core: bump goauthentik.io/api/v3 from 3.2025120.21 to 3.2025120.25 (#18732) 
Bumps [goauthentik.io/api/v3](https://github.com/goauthentik/client-go) from 3.2025120.21 to 3.2025120.25.
- [Release notes](https://github.com/goauthentik/client-go/releases)
- [Commits](https://github.com/goauthentik/client-go/compare/v3.2025120.21...v3.2025120.25)

---
updated-dependencies:
- dependency-name: goauthentik.io/api/v3
  dependency-version: 3.2025120.25
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-11 12:50:10 +01:00
dependabot[bot]
15c56aa47f web: bump the storybook group across 1 directory with 5 updates (#18715) 
Bumps the storybook group with 4 updates in the /web directory: [@storybook/addon-docs](https://github.com/storybookjs/storybook/tree/HEAD/code/addons/docs), [@storybook/addon-links](https://github.com/storybookjs/storybook/tree/HEAD/code/addons/links), [@storybook/web-components](https://github.com/storybookjs/storybook/tree/HEAD/code/renderers/web-components) and [@storybook/web-components-vite](https://github.com/storybookjs/storybook/tree/HEAD/code/frameworks/web-components-vite).


Updates `@storybook/addon-docs` from 10.1.4 to 10.1.5
- [Release notes](https://github.com/storybookjs/storybook/releases)
- [Changelog](https://github.com/storybookjs/storybook/blob/next/CHANGELOG.md)
- [Commits](https://github.com/storybookjs/storybook/commits/v10.1.5/code/addons/docs)

Updates `@storybook/addon-links` from 10.1.4 to 10.1.5
- [Release notes](https://github.com/storybookjs/storybook/releases)
- [Changelog](https://github.com/storybookjs/storybook/blob/next/CHANGELOG.md)
- [Commits](https://github.com/storybookjs/storybook/commits/v10.1.5/code/addons/links)

Updates `@storybook/web-components` from 10.1.4 to 10.1.5
- [Release notes](https://github.com/storybookjs/storybook/releases)
- [Changelog](https://github.com/storybookjs/storybook/blob/next/CHANGELOG.md)
- [Commits](https://github.com/storybookjs/storybook/commits/v10.1.5/code/renderers/web-components)

Updates `@storybook/web-components-vite` from 10.1.4 to 10.1.5
- [Release notes](https://github.com/storybookjs/storybook/releases)
- [Changelog](https://github.com/storybookjs/storybook/blob/next/CHANGELOG.md)
- [Commits](https://github.com/storybookjs/storybook/commits/v10.1.5/code/frameworks/web-components-vite)

Updates `storybook` from 10.1.4 to 10.1.5
- [Release notes](https://github.com/storybookjs/storybook/releases)
- [Changelog](https://github.com/storybookjs/storybook/blob/next/CHANGELOG.md)
- [Commits](https://github.com/storybookjs/storybook/commits/v10.1.5/code/core)

---
updated-dependencies:
- dependency-name: "@storybook/addon-docs"
  dependency-version: 10.1.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: storybook
- dependency-name: "@storybook/addon-links"
  dependency-version: 10.1.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: storybook
- dependency-name: "@storybook/web-components"
  dependency-version: 10.1.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: storybook
- dependency-name: "@storybook/web-components-vite"
  dependency-version: 10.1.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: storybook
- dependency-name: storybook
  dependency-version: 10.1.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: storybook
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-11 12:37:56 +01:00
dependabot[bot]
b7502d0485 web: bump knip from 5.72.0 to 5.73.1 in /web (#18734) 
Bumps [knip](https://github.com/webpro-nl/knip/tree/HEAD/packages/knip) from 5.72.0 to 5.73.1.
- [Release notes](https://github.com/webpro-nl/knip/releases)
- [Commits](https://github.com/webpro-nl/knip/commits/5.73.1/packages/knip)

---
updated-dependencies:
- dependency-name: knip
  dependency-version: 5.73.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-11 12:37:36 +01:00
dependabot[bot]
882fd0966c core: bump goauthentik/fips-debian from e72277d to dea09c4 (#18736) 
Bumps goauthentik/fips-debian from `e72277d` to `dea09c4`.

---
updated-dependencies:
- dependency-name: goauthentik/fips-debian
  dependency-version: trixie-slim-fips
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-11 12:34:15 +01:00
Tyler
ef6a64076c website/integrations: m365: fix string match (#18731) 
Minor doc error: M365 SAML w/o AD Source

This needs to just be a simple string match, and earlier in the docs the custom property mapping is created that simply returns "user.email"

Signed-off-by: Tyler <tyler@fenby.tech>
 2025-12-10 23:57:21 -05:00
authentik-automation[bot]
a1e6b086cd core, web: update translations (#18730) 
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com>
 2025-12-10 23:33:53 +00:00
Teffen Ellis
2a2da34eab web: Locale selector (#18560) 
* web: Locale selector

* Fix label, hover state.

* Persist locale to session. Fix stale render. Update middleware.

* Fix background color.
 2025-12-10 15:51:17 -05:00
Alexander Tereshkin
572d965084 sources/telegram: implement connecting existing user to a Telegram account (#18517) 2025-12-10 18:20:40 +01:00
Marc 'risson' Schmitt
92c5efbac1 sources/sync: configuration for outgoing sync trigger mode (#17669) 
* sources/sync: configuration for outgoing sync trigger mode

Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>

* lint

Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>

* api and frontend

Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>

* fix tests

Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>

* update migrations

Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>

* Wrap `msg` calls in function to fix translation. Update props to accept
callbacks.

---------

Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
Co-authored-by: Teffen Ellis <teffen@goauthentik.io>
 2025-12-10 12:40:32 -03:00
Dominic R
b4b89e9633 website/integrations: add KitchenOwl (#18687) 
* website/integrations: add KitchenOwl OIDC integration documentation

* wip

* Small changes

---------

Co-authored-by: Victor Löfgren <victor.lofgren99@pm.me>
Co-authored-by: dewi-tik <dewi@goauthentik.io>
 2025-12-10 15:27:10 +00:00
Marc 'risson' Schmitt
54be51862a admin/files: add check for /media existence (#18636) 2025-12-10 11:56:45 -03:00
Marc 'risson' Schmitt
03a2212657 lifecycle/migrate: remove tenant_files migration (#18729) 2025-12-10 14:03:17 +00:00
dependabot[bot]
a50936f2e7 core: bump goauthentik.io/api/v3 from 3.2025120.19 to 3.2025120.21 (#18714) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-10 13:31:14 +00:00
dependabot[bot]
ae44cb0ca2 core: bump library/golang from b669435 to 5d35fb8 (#18718) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-10 13:29:13 +00:00
dependabot[bot]
f0132570ca ci: bump codecov/codecov-action from 5.5.1 to 5.5.2 in /.github/actions/test-results (#18722) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-10 13:28:09 +00:00
dependabot[bot]
6a922a63d8 ci: bump peter-evans/create-pull-request from 7.0.11 to 8.0.0 (#18721) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-10 13:27:45 +00:00
authentik-automation[bot]
efa35ba94b core, web: update translations (#18713) 
Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com>
 2025-12-10 14:10:18 +01:00
dependabot[bot]
6763636242 core: bump goauthentik/fips-debian from cb2d1f8 to e72277d (#18720) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-10 14:09:00 +01:00
dependabot[bot]
d78ae5c55e core: bump library/nginx from e21f8d0 to 325b00a in /website (#18724) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-10 14:07:54 +01:00
dependabot[bot]
ca714d819c core: bump library/node from 7942b33 to ccfd9da in /website (#18725) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-10 14:07:46 +01:00
Connor Peshek
efdc11e413 web/admin: Add SAML metadata form to wizard (#17690) 
Co-authored-by: connor peshek <connorpeshek@connors-MacBook-Pro.local>
 2025-12-10 13:58:13 +01:00
Anduin Xue
cd09bff247 sources/oauth: add WeChat type (#18086) 
* Add wechat.

* Refactor comments and formatting in wechat.py

Signed-off-by: Anduin Xue <anduin@aiursoft.com>

* Fix lint.

Signed-off-by: Anduin Xue <anduin@aiursoft.com>

* Fix lint.

* fix: Rename `WeChat` enum member to `Wechat` for consistency

* docs: Add WeChat social login integration guide.

* Docs updates

* Revise WeChat integration instructions

Updated instructions for creating a WeChat Website Application and added details about scopes and user attribute mappings.

Signed-off-by: Anduin Xue <anduin@aiursoft.com>

* Prettier

* Update wechat.py

Signed-off-by: Anduin Xue <anduin@aiursoft.com>

---------

Signed-off-by: Anduin Xue <anduin@aiursoft.com>
Co-authored-by: dewi-tik <dewi@goauthentik.io>
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
 2025-12-10 12:48:12 +00:00
Simonyi Gergő
4c07b7ae81 blueprints: remove pk from recovery example (#18712) 2025-12-10 13:15:09 +01:00
dependabot[bot]
320a6ce137 core: bump astral-sh/uv from 0.9.16 to 0.9.17 (#18723) 
Bumps [astral-sh/uv](https://github.com/astral-sh/uv) from 0.9.16 to 0.9.17.
- [Release notes](https://github.com/astral-sh/uv/releases)
- [Changelog](https://github.com/astral-sh/uv/blob/main/CHANGELOG.md)
- [Commits](https://github.com/astral-sh/uv/compare/0.9.16...0.9.17)

---
updated-dependencies:
- dependency-name: astral-sh/uv
  dependency-version: 0.9.17
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-10 12:32:53 +01:00
Teffen Ellis
1f21d2e8e6 web: 2025.12 UI tidy (#18650) 
* Fix box shadow, scrollbars.

* Fix contrast.

* Fix field alignment.

* Fix class ordering.

* Fix button colors while in nested table.

* Fix background color on light mode.

* Fix chip colors, spacing.

* Fix overlap of switch during transition.
 2025-12-10 02:15:14 +01:00
Marcelo Elizeche Landó
d113204872 packages/ak-guardian: bump python requirement to 3.14 (#18711) 
packages/ak-guardian: bump python to 3.14

Signed-off-by: Marcelo Elizeche Landó <marcelo@goauthentik.io>
 2025-12-09 23:21:04 +00:00
Dominic R
d1c2c1c565 contributing: don't use main branch (#18688) 
* contributing: don't use main branch

* lint

* Apply suggestion from @dominic-r

Signed-off-by: Dominic R <dominic@sdko.org>

---------

Signed-off-by: Dominic R <dominic@sdko.org>
 2025-12-09 23:12:17 +00:00
Jens L.
379a9d09f1 endpoints: fix device access group missing from blueprint (#18703) 
* endpoints: fix device access group missing from blueprint

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* also fix flow_set not being read_only

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix general blueprint schema issue of incorrect related PK fields having the wrong type some places

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix web format

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2025-12-09 19:46:49 +01:00
Marc 'risson' Schmitt
68d0b02e00 tenants: remove extra query for each request (#18705) 2025-12-09 17:52:52 +00:00
dependabot[bot]
4d289ecb75 web: bump dompurify from 3.3.0 to 3.3.1 in /web (#18694) 
Bumps [dompurify](https://github.com/cure53/DOMPurify) from 3.3.0 to 3.3.1.
- [Release notes](https://github.com/cure53/DOMPurify/releases)
- [Commits](https://github.com/cure53/DOMPurify/compare/3.3.0...3.3.1)

---
updated-dependencies:
- dependency-name: dompurify
  dependency-version: 3.3.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-09 12:51:27 -05:00
dependabot[bot]
e6f345dcab web: bump knip from 5.71.0 to 5.72.0 in /web (#18695) 
Bumps [knip](https://github.com/webpro-nl/knip/tree/HEAD/packages/knip) from 5.71.0 to 5.72.0.
- [Release notes](https://github.com/webpro-nl/knip/releases)
- [Commits](https://github.com/webpro-nl/knip/commits/5.72.0/packages/knip)

---
updated-dependencies:
- dependency-name: knip
  dependency-version: 5.72.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-09 12:25:01 -05:00
Marc 'risson' Schmitt
a19a124352 core/sessions: remove django groups prefetch (#18704) 2025-12-09 17:16:08 +00:00
Jens L.
61be5d7c29 lib: add ak_create_jwt_raw (#18676) 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2025-12-09 18:15:06 +01:00
dependabot[bot]
d728b74825 core: bump library/nginx from 553f64a to e21f8d0 in /website (#18698) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-09 16:16:43 +00:00
Simonyi Gergő
41050bb846 core: propagate ModuleNotFoundError in import_relative (#18683) 
propagate `ModuleNotFoundError` in `import_relative`

Imagine adding a `signals.py` to some managed app and typing

```
import nonexistent_module
```

to it. Previously, this would silently fail and you'd try to debug your
signals instead of the import path. Now the error is noisy and explicit.
 2025-12-09 16:58:03 +01:00