stages: source stage

[BeryJu]

Details

Add a stage type which allows using a web-based source (OAuth, SAML, Plex) as part of a flow to serve as an additional factor, which allows for external validation
This can also be used to dynamically select a source based on what the user enters for a B2B setup with user@companyA.com getting redirect to companyA's azure AD for example

---

Checklist

• Local tests pass (ak test authentik/)
• The code has been formatted (make lint-fix)

If an API change has been made

• The API schema has been updated (make gen-build)

If changes to the frontend have been made

• The code has been formatted (make web)
• The translation files have been updated (make i18n-extract)

If applicable

• The documentation has been updated
• The documentation has been formatted (make website)

[github-actions]

authentik translations instructions

Thanks for your pull request!

authentik translations are handled using Transifex. Please edit translations over there and they'll be included automatically.

[netlify]

✅ Deploy Preview for authentik-storybook ready!

Name	Link
🔨 Latest commit	da5ed05
🔍 Latest deploy log	https://app.netlify.com/sites/authentik-storybook/deploys/65f33e343550be0008f0d717
😎 Deploy Preview	https://deploy-preview-8330--authentik-storybook.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify site configuration.

[codecov]

Codecov Report

Attention: Patch coverage is 82.18391% with 31 lines in your changes are missing coverage. Please review.

Project coverage is 92.27%. Comparing base (cef1d2d) to head (327051c).
Report is 333 commits behind head on main.

❗ Current head 327051c differs from pull request most recent head da5ed05. Consider uploading reports for the commit da5ed05 to get more accurate results

Files	Patch %	Lines
authentik/core/sources/flow_manager.py	30.00%	14 Missing ⚠️
authentik/stages/source/stage.py	81.48%	10 Missing ⚠️
authentik/stages/source/api.py	70.83%	7 Missing ⚠️

Additional details and impacted files

@@             Coverage Diff             @@
##             main    #8330       +/-   ##
===========================================
+ Coverage   46.62%   92.27%   +45.64%     
===========================================
  Files         626      631        +5     
  Lines       30996    31091       +95     
===========================================
+ Hits        14451    28688    +14237     
+ Misses      16545     2403    -14142     

Flag	Coverage Δ
e2e	50.59% <40.80%> (+5.87%)	⬆️
integration	26.02% <25.28%> (+0.03%)	⬆️
unit	89.54% <81.60%> (?)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[github-actions]

authentik PR Installation instructions

Instructions for docker-compose

Add the following block to your .env file:

AUTHENTIK_IMAGE=ghcr.io/goauthentik/dev-server
AUTHENTIK_TAG=gh-ghcr.io/goauthentik/dev-server:gh-da5ed0547d6e9e66be5734ab93e3bece162287df
AUTHENTIK_OUTPOSTS__CONTAINER_IMAGE_BASE=ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s

For arm64, use these values:

AUTHENTIK_IMAGE=ghcr.io/goauthentik/dev-server
AUTHENTIK_TAG=gh-ghcr.io/goauthentik/dev-server:gh-da5ed0547d6e9e66be5734ab93e3bece162287df-arm64
AUTHENTIK_OUTPOSTS__CONTAINER_IMAGE_BASE=ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s

Afterwards, run the upgrade commands from the latest release notes.

Instructions for Kubernetes

Add the following block to your values.yml file:

authentik:
    outposts:
        container_image_base: ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s
image:
    repository: ghcr.io/goauthentik/dev-server
    tag: gh-ghcr.io/goauthentik/dev-server:gh-da5ed0547d6e9e66be5734ab93e3bece162287df

For arm64, use these values:

authentik:
    outposts:
        container_image_base: ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s
image:
    repository: ghcr.io/goauthentik/dev-server
    tag: gh-ghcr.io/goauthentik/dev-server:gh-da5ed0547d6e9e66be5734ab93e3bece162287df-arm64

Afterwards, run the upgrade commands from the latest release notes.

[notion-workspace]

Source stage

[netlify]

✅ Deploy Preview for authentik-docs ready!

Name	Link
🔨 Latest commit	da5ed05
🔍 Latest deploy log	https://app.netlify.com/sites/authentik-docs/deploys/65f33e340a60a900085a4846
😎 Deploy Preview	https://deploy-preview-8330--authentik-docs.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify site configuration.

[tanberry]

Some clarifying edits....