Skip to content

brands: add OIDC webfinger support#10400

Merged
BeryJu merged 2 commits intomainfrom
brands/webfinger
Aug 6, 2024
Merged

brands: add OIDC webfinger support#10400
BeryJu merged 2 commits intomainfrom
brands/webfinger

Conversation

@BeryJu
Copy link
Copy Markdown
Member

@BeryJu BeryJu commented Jul 6, 2024

Details

closes #5440

Checklist

  • Local tests pass (ak test authentik/)
  • The code has been formatted (make lint-fix)

If an API change has been made

  • The API schema has been updated (make gen-build)

If changes to the frontend have been made

  • The code has been formatted (make web)

If applicable

  • The documentation has been updated
  • The documentation has been formatted (make website)

@BeryJu BeryJu requested a review from a team as a code owner July 6, 2024 23:40
@netlify
Copy link
Copy Markdown

netlify bot commented Jul 6, 2024
edited
Loading

Deploy Preview for authentik-docs canceled.

Name Link
🔨 Latest commit d724f9e
🔍 Latest deploy log https://app.netlify.com/sites/authentik-docs/deploys/66b209fcb9a5060008113155

Base automatically changed from core/b2c-improvements-p1 to main July 23, 2024 09:10
@BeryJu BeryJu requested a review from a team as a code owner July 23, 2024 09:10
@BeryJu BeryJu force-pushed the brands/webfinger branch from 5e47a64 to 65e251d Compare July 23, 2024 09:28
@netlify
Copy link
Copy Markdown

netlify bot commented Jul 23, 2024
edited
Loading

Deploy Preview for authentik-storybook canceled.

Name Link
🔨 Latest commit d724f9e
🔍 Latest deploy log https://app.netlify.com/sites/authentik-storybook/deploys/66b209fc501d680008dacd03

@codecov
Copy link
Copy Markdown

codecov bot commented Jul 23, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 92.58%. Comparing base (8a536dc) to head (d724f9e).
Report is 1 commits behind head on main.

Additional details and impacted files 
@@            Coverage Diff             @@
##             main   #10400      +/-   ##
==========================================
- Coverage   92.64%   92.58%   -0.07%     
==========================================
  Files         727      729       +2     
  Lines       35541    35594      +53     
==========================================
+ Hits        32928    32954      +26     
- Misses       2613     2640      +27
Flag Coverage Δ
e2e 49.59% <35.18%> (-0.12%) ⬇️
integration 25.29% <14.81%> (-0.02%) ⬇️
unit 90.09% <100.00%> (+0.01%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@BeryJu BeryJu force-pushed the brands/webfinger branch from 65e251d to df0ef21 Compare July 23, 2024 16:18
@BeryJu BeryJu mentioned this pull request Jul 30, 2024
Open
@BeryJu
brands: add OIDC webfinger support for default application
9fac66c 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
@BeryJu BeryJu force-pushed the brands/webfinger branch from df0ef21 to 9fac66c Compare August 6, 2024 11:25
@BeryJu
add tests
d724f9e 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
@BeryJu BeryJu merged commit 3d63143 into main Aug 6, 2024
@BeryJu BeryJu deleted the brands/webfinger branch August 6, 2024 12:00
@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Aug 6, 2024
edited
Loading

authentik PR Installation instructions

Instructions for docker-compose

Add the following block to your .env file:

AUTHENTIK_IMAGE=ghcr.io/goauthentik/dev-server
AUTHENTIK_TAG=gh-d724f9eb9d2a18656138fa0d95aaba2aaa433f48
AUTHENTIK_OUTPOSTS__CONTAINER_IMAGE_BASE=ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s

For arm64, use these values:

AUTHENTIK_IMAGE=ghcr.io/goauthentik/dev-server
AUTHENTIK_TAG=gh-d724f9eb9d2a18656138fa0d95aaba2aaa433f48-arm64
AUTHENTIK_OUTPOSTS__CONTAINER_IMAGE_BASE=ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s

Afterwards, run the upgrade commands from the latest release notes.

Instructions for Kubernetes

Add the following block to your values.yml file:

authentik:
    outposts:
        container_image_base: ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s
global:
    image:
        repository: ghcr.io/goauthentik/dev-server
        tag: gh-d724f9eb9d2a18656138fa0d95aaba2aaa433f48

For arm64, use these values:

authentik:
    outposts:
        container_image_base: ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s
global:
    image:
        repository: ghcr.io/goauthentik/dev-server
        tag: gh-d724f9eb9d2a18656138fa0d95aaba2aaa433f48-arm64

Afterwards, run the upgrade commands from the latest release notes.

kensternberg-authentik added a commit that referenced this pull request Aug 6, 2024
@kensternberg-authentik
Merge branch 'main' into web/revision/more-dual-select-uses-2
f2e7787 
* main: (473 commits)
  blueprints: handle model referencing non-existent app/model (#10796)
  website/docs: add more content about flows (#10527)
  brands: add OIDC webfinger support (#10400)
  web/admin: fix selectable card colour in dark theme (#10794)
  web: bump API Client version (#10793)
  policies: add GeoIP policy (#10454)
  core: bump debugpy from 1.8.3 to 1.8.5 (#10781)
  web: bump @sentry/browser from 8.22.0 to 8.23.0 in /web in the sentry group across 1 directory (#10782)
  website: bump postcss from 8.4.40 to 8.4.41 in /website (#10783)
  web: bump the wdio group across 2 directories with 4 updates (#10785)
  web: bump @lit/localize from 0.12.1 to 0.12.2 in /web (#10786)
  web: bump @floating-ui/dom from 1.6.8 to 1.6.9 in /web (#10787)
  web: bump @lit/localize-tools from 0.7.2 to 0.8.0 in /web (#10788)
  web: bump lit from 3.1.4 to 3.2.0 in /web (#10789)
  core: bump goauthentik.io/api/v3 from 3.2024062.2 to 3.2024063.1 (#10790)
  web: bump API Client version (#10779)
  release: 2024.6.3
  website/docs: prepare 2024.6.3 release notes (#10775)
  website/scripts: updated readme, added docsmg.env file  (#10710)
  web: bump API Client version (#10777)
  ...
kensternberg-authentik added a commit that referenced this pull request Aug 6, 2024
@kensternberg-authentik
Merge branch 'main' into web/cleanup/admin-overview-testing
d3c2870 
* main: (702 commits)
  blueprints: handle model referencing non-existent app/model (#10796)
  website/docs: add more content about flows (#10527)
  brands: add OIDC webfinger support (#10400)
  web/admin: fix selectable card colour in dark theme (#10794)
  web: bump API Client version (#10793)
  policies: add GeoIP policy (#10454)
  core: bump debugpy from 1.8.3 to 1.8.5 (#10781)
  web: bump @sentry/browser from 8.22.0 to 8.23.0 in /web in the sentry group across 1 directory (#10782)
  website: bump postcss from 8.4.40 to 8.4.41 in /website (#10783)
  web: bump the wdio group across 2 directories with 4 updates (#10785)
  web: bump @lit/localize from 0.12.1 to 0.12.2 in /web (#10786)
  web: bump @floating-ui/dom from 1.6.8 to 1.6.9 in /web (#10787)
  web: bump @lit/localize-tools from 0.7.2 to 0.8.0 in /web (#10788)
  web: bump lit from 3.1.4 to 3.2.0 in /web (#10789)
  core: bump goauthentik.io/api/v3 from 3.2024062.2 to 3.2024063.1 (#10790)
  web: bump API Client version (#10779)
  release: 2024.6.3
  website/docs: prepare 2024.6.3 release notes (#10775)
  website/scripts: updated readme, added docsmg.env file  (#10710)
  web: bump API Client version (#10777)
  ...
kensternberg-authentik added a commit that referenced this pull request Aug 6, 2024
@kensternberg-authentik
Merge branch 'main' into web/cleanup/20240516-simple-element-docs-1
0514563 
* main: (690 commits)
  blueprints: handle model referencing non-existent app/model (#10796)
  website/docs: add more content about flows (#10527)
  brands: add OIDC webfinger support (#10400)
  web/admin: fix selectable card colour in dark theme (#10794)
  web: bump API Client version (#10793)
  policies: add GeoIP policy (#10454)
  core: bump debugpy from 1.8.3 to 1.8.5 (#10781)
  web: bump @sentry/browser from 8.22.0 to 8.23.0 in /web in the sentry group across 1 directory (#10782)
  website: bump postcss from 8.4.40 to 8.4.41 in /website (#10783)
  web: bump the wdio group across 2 directories with 4 updates (#10785)
  web: bump @lit/localize from 0.12.1 to 0.12.2 in /web (#10786)
  web: bump @floating-ui/dom from 1.6.8 to 1.6.9 in /web (#10787)
  web: bump @lit/localize-tools from 0.7.2 to 0.8.0 in /web (#10788)
  web: bump lit from 3.1.4 to 3.2.0 in /web (#10789)
  core: bump goauthentik.io/api/v3 from 3.2024062.2 to 3.2024063.1 (#10790)
  web: bump API Client version (#10779)
  release: 2024.6.3
  website/docs: prepare 2024.6.3 release notes (#10775)
  website/scripts: updated readme, added docsmg.env file  (#10710)
  web: bump API Client version (#10777)
  ...
kensternberg-authentik added a commit that referenced this pull request Aug 6, 2024
@kensternberg-authentik
Merge branch 'main' into web/maint/move-to-wireit
972632b 
* main: (229 commits)
  blueprints: handle model referencing non-existent app/model (#10796)
  website/docs: add more content about flows (#10527)
  brands: add OIDC webfinger support (#10400)
  web/admin: fix selectable card colour in dark theme (#10794)
  web: bump API Client version (#10793)
  policies: add GeoIP policy (#10454)
  core: bump debugpy from 1.8.3 to 1.8.5 (#10781)
  web: bump @sentry/browser from 8.22.0 to 8.23.0 in /web in the sentry group across 1 directory (#10782)
  website: bump postcss from 8.4.40 to 8.4.41 in /website (#10783)
  web: bump the wdio group across 2 directories with 4 updates (#10785)
  web: bump @lit/localize from 0.12.1 to 0.12.2 in /web (#10786)
  web: bump @floating-ui/dom from 1.6.8 to 1.6.9 in /web (#10787)
  web: bump @lit/localize-tools from 0.7.2 to 0.8.0 in /web (#10788)
  web: bump lit from 3.1.4 to 3.2.0 in /web (#10789)
  core: bump goauthentik.io/api/v3 from 3.2024062.2 to 3.2024063.1 (#10790)
  web: bump API Client version (#10779)
  release: 2024.6.3
  website/docs: prepare 2024.6.3 release notes (#10775)
  website/scripts: updated readme, added docsmg.env file  (#10710)
  web: bump API Client version (#10777)
  ...
kensternberg-authentik added a commit that referenced this pull request Aug 12, 2024
@kensternberg-authentik
Merge branch 'main' into web/bug/search-select-focus-issue
4378e55 
* main:
  blueprints: handle model referencing non-existent app/model (#10796)
  website/docs: add more content about flows (#10527)
  brands: add OIDC webfinger support (#10400)
  web/admin: fix selectable card colour in dark theme (#10794)
  web: bump API Client version (#10793)
  policies: add GeoIP policy (#10454)
  core: bump debugpy from 1.8.3 to 1.8.5 (#10781)
  web: bump @sentry/browser from 8.22.0 to 8.23.0 in /web in the sentry group across 1 directory (#10782)
  website: bump postcss from 8.4.40 to 8.4.41 in /website (#10783)
  web: bump the wdio group across 2 directories with 4 updates (#10785)
  web: bump @lit/localize from 0.12.1 to 0.12.2 in /web (#10786)
  web: bump @floating-ui/dom from 1.6.8 to 1.6.9 in /web (#10787)
  web: bump @lit/localize-tools from 0.7.2 to 0.8.0 in /web (#10788)
  web: bump lit from 3.1.4 to 3.2.0 in /web (#10789)
  core: bump goauthentik.io/api/v3 from 3.2024062.2 to 3.2024063.1 (#10790)
  web: bump API Client version (#10779)
@butonic butonic mentioned this pull request Aug 26, 2024
Open
@nikdoof nikdoof mentioned this pull request Dec 4, 2024
Open
@Miladiir
Copy link
Copy Markdown

Miladiir commented Jan 2, 2025

Hi, looks nice, but how to use this?

@DavidDriessen
Copy link
Copy Markdown

DavidDriessen commented Feb 4, 2025

To anybody stumbling across this PR. To use the webfinger feature in Authentik, assign an default application with an OIDC provider to your brand. Also make sure that the domain you access the webfinger path is the same as the brand domain.

@kobyon kobyon mentioned this pull request Feb 17, 2025
Closed
@slimshizn
Copy link
Copy Markdown

slimshizn commented Mar 30, 2025

#13092 (comment)

easier to find on how to setup.

This should be documented.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Implement Webfinger (RFC 7033)

4 participants

@BeryJu @Miladiir @DavidDriessen @slimshizn