Skip to content

Commit

Permalink
Merge branch 'main' into migrate-9-25
Browse files Browse the repository at this point in the history
Signed-off-by: Jens Langhammer <jens@goauthentik.io>

# Conflicts:
#	website/package-lock.json
#	website/package.json
  • Loading branch information
BeryJu committed Oct 8, 2024
2 parents 5c3eda5 + 72a9045 commit cb8847d
Show file tree
Hide file tree
Showing 109 changed files with 12,184 additions and 36,516 deletions.
1 change: 0 additions & 1 deletion .github/dependabot.yml
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,6 @@ updates:
- package-ecosystem: npm
directories:
- "/web"
- "/tests/wdio"
- "/web/sfe"
schedule:
interval: daily
Expand Down
21 changes: 7 additions & 14 deletions .github/workflows/ci-web.yml
Original file line number Diff line number Diff line change
Expand Up @@ -24,17 +24,11 @@ jobs:
- prettier-check
project:
- web
- tests/wdio
include:
- command: tsc
project: web
- command: lit-analyse
project: web
exclude:
- command: lint:lockfile
project: tests/wdio
- command: tsc
project: tests/wdio
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
Expand All @@ -50,15 +44,7 @@ jobs:
- name: Lint
working-directory: ${{ matrix.project }}/
run: npm run ${{ matrix.command }}
ci-web-mark:
needs:
- lint
runs-on: ubuntu-latest
steps:
- run: echo mark
build:
needs:
- ci-web-mark
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
Expand All @@ -74,6 +60,13 @@ jobs:
- name: build
working-directory: web/
run: npm run build
ci-web-mark:
needs:
- build
- lint
runs-on: ubuntu-latest
steps:
- run: echo mark
test:
needs:
- ci-web-mark
Expand Down
4 changes: 2 additions & 2 deletions Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -94,7 +94,7 @@ RUN --mount=type=secret,id=GEOIPUPDATE_ACCOUNT_ID \
/bin/sh -c "/usr/bin/entry.sh || echo 'Failed to get GeoIP database, disabling'; exit 0"

# Stage 5: Python dependencies
FROM ghcr.io/goauthentik/fips-python:3.12.6-slim-bookworm-fips-full AS python-deps
FROM ghcr.io/goauthentik/fips-python:3.12.7-slim-bookworm-fips-full AS python-deps

ARG TARGETARCH
ARG TARGETVARIANT
Expand Down Expand Up @@ -124,7 +124,7 @@ RUN --mount=type=bind,target=./pyproject.toml,src=./pyproject.toml \
pip install --force-reinstall /wheels/*"

# Stage 6: Run
FROM ghcr.io/goauthentik/fips-python:3.12.6-slim-bookworm-fips-full AS final-image
FROM ghcr.io/goauthentik/fips-python:3.12.7-slim-bookworm-fips-full AS final-image

ARG VERSION
ARG GIT_BUILD_HASH
Expand Down
3 changes: 2 additions & 1 deletion authentik/sources/oauth/types/apple.py
Original file line number Diff line number Diff line change
Expand Up @@ -15,12 +15,13 @@
from authentik.sources.oauth.types.registry import SourceType, registry
from authentik.sources.oauth.views.callback import OAuthCallback
from authentik.sources.oauth.views.redirect import OAuthRedirect
from authentik.stages.identification.stage import LoginChallengeMixin

LOGGER = get_logger()
APPLE_CLIENT_ID_PARTS = 3


class AppleLoginChallenge(Challenge):
class AppleLoginChallenge(LoginChallengeMixin, Challenge):
"""Special challenge for apple-native authentication flow, which happens on the client."""

client_id = CharField()
Expand Down
3 changes: 2 additions & 1 deletion authentik/sources/plex/models.py
Original file line number Diff line number Diff line change
Expand Up @@ -19,9 +19,10 @@
from authentik.core.types import UILoginButton, UserSettingSerializer
from authentik.flows.challenge import Challenge, ChallengeResponse
from authentik.lib.generators import generate_id
from authentik.stages.identification.stage import LoginChallengeMixin


class PlexAuthenticationChallenge(Challenge):
class PlexAuthenticationChallenge(LoginChallengeMixin, Challenge):
"""Challenge shown to the user in identification stage"""

client_id = CharField()
Expand Down
2 changes: 1 addition & 1 deletion authentik/stages/authenticator_webauthn/mds/blob.jwt

Large diffs are not rendered by default.

22 changes: 15 additions & 7 deletions authentik/stages/identification/stage.py
Original file line number Diff line number Diff line change
Expand Up @@ -26,23 +26,31 @@
from authentik.flows.planner import PLAN_CONTEXT_PENDING_USER
from authentik.flows.stage import PLAN_CONTEXT_PENDING_USER_IDENTIFIER, ChallengeStageView
from authentik.flows.views.executor import SESSION_KEY_APPLICATION_PRE, SESSION_KEY_GET
from authentik.lib.utils.reflection import all_subclasses
from authentik.lib.utils.urls import reverse_with_qs
from authentik.root.middleware import ClientIPMiddleware
from authentik.sources.oauth.types.apple import AppleLoginChallenge
from authentik.sources.plex.models import PlexAuthenticationChallenge
from authentik.stages.identification.models import IdentificationStage
from authentik.stages.identification.signals import identification_failed
from authentik.stages.password.stage import authenticate


class LoginChallengeMixin:
"""Base login challenge for Identification stage"""


def get_login_serializers():
mapping = {
RedirectChallenge().fields["component"].default: RedirectChallenge,
}
for cls in all_subclasses(LoginChallengeMixin):
mapping[cls().fields["component"].default] = cls
return mapping


@extend_schema_field(
PolymorphicProxySerializer(
component_name="LoginChallengeTypes",
serializers={
RedirectChallenge().fields["component"].default: RedirectChallenge,
PlexAuthenticationChallenge().fields["component"].default: PlexAuthenticationChallenge,
AppleLoginChallenge().fields["component"].default: AppleLoginChallenge,
},
serializers=get_login_serializers,
resource_type_field_name="component",
)
)
Expand Down
2 changes: 1 addition & 1 deletion go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ require (
github.com/spf13/cobra v1.8.1
github.com/stretchr/testify v1.9.0
github.com/wwt/guac v1.3.2
goauthentik.io/api/v3 v3.2024083.1
goauthentik.io/api/v3 v3.2024083.2
golang.org/x/exp v0.0.0-20230210204819-062eb4c674ab
golang.org/x/oauth2 v0.23.0
golang.org/x/sync v0.8.0
Expand Down
4 changes: 2 additions & 2 deletions go.sum
Original file line number Diff line number Diff line change
Expand Up @@ -299,8 +299,8 @@ go.opentelemetry.io/otel/trace v1.24.0 h1:CsKnnL4dUAr/0llH9FKuc698G04IrpWV0MQA/Y
go.opentelemetry.io/otel/trace v1.24.0/go.mod h1:HPc3Xr/cOApsBI154IU0OI0HJexz+aw5uPdbs3UCjNU=
go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto=
go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE=
goauthentik.io/api/v3 v3.2024083.1 h1:OPo2VejMkS5WjYw5zIjfuxR9XUbTKs4m+sACrPKcm9U=
goauthentik.io/api/v3 v3.2024083.1/go.mod h1:zz+mEZg8rY/7eEjkMGWJ2DnGqk+zqxuybGCGrR2O4Kw=
goauthentik.io/api/v3 v3.2024083.2 h1:CYJdC60OeUa3xDbrQlyBrI8kvCNWYRe/e0HtPK1pcV0=
goauthentik.io/api/v3 v3.2024083.2/go.mod h1:zz+mEZg8rY/7eEjkMGWJ2DnGqk+zqxuybGCGrR2O4Kw=
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
Expand Down
11 changes: 10 additions & 1 deletion internal/outpost/proxyv2/proxyv2.go
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@ import (
"errors"
"net"
"net/http"
"strings"
"sync"

sentryhttp "github.com/getsentry/sentry-go/http"
Expand Down Expand Up @@ -70,12 +71,20 @@ func NewProxyServer(ac *ak.APIController) *ProxyServer {
}

func (ps *ProxyServer) HandleHost(rw http.ResponseWriter, r *http.Request) bool {
// Always handle requests for outpost paths that should answer regardless of hostname
if strings.HasPrefix(r.URL.Path, "/outpost.goauthentik.io/ping") ||
strings.HasPrefix(r.URL.Path, "/outpost.goauthentik.io/static") {
ps.mux.ServeHTTP(rw, r)
return true
}
// lookup app by hostname
a, _ := ps.lookupApp(r)
if a == nil {
return false
}
// check if the app should handle this URL, or is setup in proxy mode
if a.ShouldHandleURL(r) || a.Mode() == api.PROXYMODE_PROXY {
a.ServeHTTP(rw, r)
ps.mux.ServeHTTP(rw, r)
return true
}
return false
Expand Down
Binary file modified locale/zh-Hans/LC_MESSAGES/django.mo
Binary file not shown.
Binary file modified locale/zh_CN/LC_MESSAGES/django.mo
Binary file not shown.
Loading

0 comments on commit cb8847d

Please sign in to comment.