Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge branch 'main' into 5165-password-strength-indicator
* main: (23 commits) web: bump API Client version (#5935) sources/ldap: add support for cert based auth (#5850) ci: replace status with state for auto-deployment ci: don't write CI status to file ci: add workflow to automatically update next branch (#5921) providers/ldap: fix Outpost provider listing excluding backchannel providers (#5933) root: revert to use secret_key for JWT signing (#5934) sources/ldap: fix duplicate bind when authenticating user directly to… (#5927) web: bump core-js from 3.30.2 to 3.31.0 in /web (#5928) core: bump pytest from 7.3.1 to 7.3.2 (#5929) web: bump @rollup/plugin-commonjs from 25.0.0 to 25.0.1 in /web (#5931) web: bump @formatjs/intl-listformat from 7.3.0 to 7.4.0 in /web (#5932) core: bump github.com/go-ldap/ldap/v3 from 3.4.4 to 3.4.5 (#5930) website/integrations: Fix header in dokuwiki instructions (#5926) providers/oauth2: launch url: if URL parsing fails, return no launch URL (#5918) web: bump @babel/core from 7.22.1 to 7.22.5 in /web (#5909) web: bump @babel/plugin-proposal-decorators from 7.22.3 to 7.22.5 in /web (#5910) web: bump @babel/preset-typescript from 7.21.5 to 7.22.5 in /web (#5912) web: bump @babel/preset-env from 7.22.4 to 7.22.5 in /web (#5915) core: bump requests-mock from 1.10.0 to 1.11.0 (#5911) ...
- Loading branch information
Showing
39 changed files
with
1,421 additions
and
819 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,25 @@ | ||
name: authentik-on-release-next-branch | ||
|
||
on: | ||
schedule: | ||
- cron: "0 12 * * *" # every day at noon | ||
workflow_dispatch: | ||
|
||
permissions: | ||
contents: write | ||
|
||
jobs: | ||
update-next: | ||
runs-on: ubuntu-latest | ||
environment: internal-production | ||
steps: | ||
- uses: actions/checkout@v3 | ||
with: | ||
ref: main | ||
- id: main-state | ||
run: | | ||
state=$(curl -fsSL -H "Accept: application/vnd.github+json" -H "Authorization: Bearer ${{ github.token }}" "https://api.github.com/repos/${{ github.repository }}/commits/HEAD/state" | jq -r '.state') | ||
echo "state=${state}" >> $GITHUB_OUTPUT | ||
- if: ${{ steps.main-state.outputs.state == 'success' }} | ||
run: | | ||
git push origin next --force |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Empty file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,52 @@ | ||
"""LDAP Provider API tests""" | ||
from json import loads | ||
|
||
from django.urls import reverse | ||
from rest_framework.test import APITestCase | ||
|
||
from authentik.core.models import Application | ||
from authentik.core.tests.utils import create_test_admin_user, create_test_flow | ||
from authentik.lib.generators import generate_id | ||
from authentik.providers.ldap.models import LDAPProvider | ||
|
||
|
||
class TestLDAPProviderAPI(APITestCase): | ||
"""LDAP Provider API tests""" | ||
|
||
def test_outpost_application(self): | ||
"""Test outpost-like provider retrieval (direct connection)""" | ||
provider = LDAPProvider.objects.create( | ||
name=generate_id(), | ||
authorization_flow=create_test_flow(), | ||
) | ||
Application.objects.create( | ||
name=generate_id(), | ||
slug=generate_id(), | ||
provider=provider, | ||
) | ||
user = create_test_admin_user() | ||
self.client.force_login(user) | ||
res = self.client.get(reverse("authentik_api:ldapprovideroutpost-list")) | ||
self.assertEqual(res.status_code, 200) | ||
data = loads(res.content.decode()) | ||
self.assertEqual(data["pagination"]["count"], 1) | ||
self.assertEqual(len(data["results"]), 1) | ||
|
||
def test_outpost_application_backchannel(self): | ||
"""Test outpost-like provider retrieval (backchannel connection)""" | ||
provider = LDAPProvider.objects.create( | ||
name=generate_id(), | ||
authorization_flow=create_test_flow(), | ||
) | ||
app: Application = Application.objects.create( | ||
name=generate_id(), | ||
slug=generate_id(), | ||
) | ||
app.backchannel_providers.add(provider) | ||
user = create_test_admin_user() | ||
self.client.force_login(user) | ||
res = self.client.get(reverse("authentik_api:ldapprovideroutpost-list")) | ||
self.assertEqual(res.status_code, 200) | ||
data = loads(res.content.decode()) | ||
self.assertEqual(data["pagination"]["count"], 1) | ||
self.assertEqual(len(data["results"]), 1) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
45 changes: 45 additions & 0 deletions
45
...tik/sources/ldap/migrations/0003_ldapsource_client_certificate_ldapsource_sni_and_more.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,45 @@ | ||
# Generated by Django 4.1.7 on 2023-06-06 18:33 | ||
|
||
import django.db.models.deletion | ||
from django.db import migrations, models | ||
|
||
|
||
class Migration(migrations.Migration): | ||
dependencies = [ | ||
("authentik_crypto", "0004_alter_certificatekeypair_name"), | ||
("authentik_sources_ldap", "0002_auto_20211203_0900"), | ||
] | ||
|
||
operations = [ | ||
migrations.AddField( | ||
model_name="ldapsource", | ||
name="client_certificate", | ||
field=models.ForeignKey( | ||
default=None, | ||
help_text="Client certificate to authenticate against the LDAP Server's Certificate.", | ||
null=True, | ||
on_delete=django.db.models.deletion.SET_DEFAULT, | ||
related_name="ldap_client_certificates", | ||
to="authentik_crypto.certificatekeypair", | ||
), | ||
), | ||
migrations.AddField( | ||
model_name="ldapsource", | ||
name="sni", | ||
field=models.BooleanField( | ||
default=False, verbose_name="Use Server URI for SNI verification" | ||
), | ||
), | ||
migrations.AlterField( | ||
model_name="ldapsource", | ||
name="peer_certificate", | ||
field=models.ForeignKey( | ||
default=None, | ||
help_text="Optionally verify the LDAP Server's Certificate against the CA Chain in this keypair.", | ||
null=True, | ||
on_delete=django.db.models.deletion.SET_DEFAULT, | ||
related_name="ldap_peer_certificates", | ||
to="authentik_crypto.certificatekeypair", | ||
), | ||
), | ||
] |
Oops, something went wrong.