Skip to content

providers/radius: revert fix inverted message authenticator validation (#17855)#17915

Merged
BeryJu merged 1 commit intomainfrom
providers/radius/revert-message-authenticator
Nov 3, 2025
Merged

providers/radius: revert fix inverted message authenticator validation (#17855)#17915
BeryJu merged 1 commit intomainfrom
providers/radius/revert-message-authenticator

Conversation

@BeryJu
Copy link
Member

@BeryJu BeryJu commented Nov 3, 2025

This reverts commit 09e3301.

closes #17901

something must be broken in the validation, so revert to the "broken" behaviour for now

@BeryJu BeryJu requested a review from a team as a code owner November 3, 2025 14:19
@BeryJu BeryJu added area:backend backport/version-2025.10 Add this label to PRs to backport changes to version-2025.10 labels Nov 3, 2025
@netlify
Copy link

netlify bot commented Nov 3, 2025
edited
Loading

Deploy Preview for authentik-docs ready!

Name Link
🔨 Latest commit 3b20746
🔍 Latest deploy log https://app.netlify.com/projects/authentik-docs/deploys/6908b9e2e710390008c5e23c
😎 Deploy Preview https://deploy-preview-17915--authentik-docs.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify project configuration.

@netlify
Copy link

netlify bot commented Nov 3, 2025
edited
Loading

Deploy Preview for authentik-storybook canceled.

Name Link
🔨 Latest commit 3b20746
🔍 Latest deploy log https://app.netlify.com/projects/authentik-storybook/deploys/6908b9e28c2b2b0008e8a760

@netlify
Copy link

netlify bot commented Nov 3, 2025
edited
Loading

Deploy Preview for authentik-integrations canceled.

Name Link
🔨 Latest commit 3b20746
🔍 Latest deploy log https://app.netlify.com/projects/authentik-integrations/deploys/6908b9e25b52a50008dbd0e6

@BeryJu BeryJu changed the title Revert "providers/radius: fix inverted message authenticator validation (#17855)" providers/radius: revert fix inverted message authenticator validation (#17855) Nov 3, 2025
@codecov
Copy link

codecov bot commented Nov 3, 2025
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 92.88%. Comparing base (6b08a93) to head (3b20746).
⚠️ Report is 1 commits behind head on main.
✅ All tests successful. No failed tests found.

Additional details and impacted files 
@@            Coverage Diff             @@
##             main   #17915      +/-   ##
==========================================
+ Coverage   92.67%   92.88%   +0.20%     
==========================================
  Files         869      869              
  Lines       47960    47960              
==========================================
+ Hits        44449    44548      +99     
+ Misses       3511     3412      -99
Flag Coverage Δ
e2e 45.18% <ø> (+0.61%) ⬆️
integration 23.13% <ø> (-0.06%) ⬇️
unit 91.08% <ø> (+<0.01%) ⬆️
unit-migrate 91.13% <ø> (+<0.01%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@BeryJu BeryJu merged commit 1aff2c2 into main Nov 3, 2025
134 of 136 checks passed
@BeryJu BeryJu deleted the providers/radius/revert-message-authenticator branch November 3, 2025 15:10
@github-project-automation github-project-automation bot moved this from Todo to Done in authentik Core Nov 3, 2025
authentik-automation bot pushed a commit that referenced this pull request Nov 3, 2025
@BeryJu @authentik-automation
providers/radius: revert fix inverted message authenticator validation (
f157e3c 
#17855) (#17915)

Revert "providers/radius: fix inverted message authenticator validation (#17855)"

This reverts commit 09e3301.
@authentik-automation authentik-automation bot mentioned this pull request Nov 3, 2025
Merged
@authentik-automation
Copy link
Contributor

authentik-automation bot commented Nov 3, 2025

🍒 Cherry-pick to version-2025.10 created: #17916

BeryJu added a commit that referenced this pull request Nov 3, 2025
@authentik-automation @BeryJu
providers/radius: revert fix inverted message authenticator validation (
f667989 
#17855) (cherry-pick #17915 to version-2025.10) (#17916)

providers/radius: revert fix inverted message authenticator validation (#17855) (#17915)

Revert "providers/radius: fix inverted message authenticator validation (#17855)"

This reverts commit 09e3301.

Co-authored-by: Jens L. <jens@goauthentik.io>
@github-actions
Copy link
Contributor

github-actions bot commented Nov 3, 2025

authentik PR Installation instructions

Instructions for docker-compose

Add the following block to your .env file:

AUTHENTIK_IMAGE=ghcr.io/goauthentik/dev-server
AUTHENTIK_TAG=gh-3b2074681161eb17ee2577200c33147e86bd72a1
AUTHENTIK_OUTPOSTS__CONTAINER_IMAGE_BASE=ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s

Afterwards, run the upgrade commands from the latest release notes.

Instructions for Kubernetes

Add the following block to your values.yml file:

authentik:
    outposts:
        container_image_base: ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s
global:
    image:
        repository: ghcr.io/goauthentik/dev-server
        tag: gh-3b2074681161eb17ee2577200c33147e86bd72a1

Afterwards, run the upgrade commands from the latest release notes.

kensternberg-authentik added a commit that referenced this pull request Nov 10, 2025
@kensternberg-authentik
Merge branch 'main' into dev
bc2a071 
* main: (32 commits)
  website/docs: 2025.10.1 release notes (#17918)
  providers/oauth2: fix kid always required for federation (#17914)
  providers/radius: revert fix inverted message authenticator validation (#17855) (#17915)
  website: bump @types/node from 24.9.1 to 24.9.2 in /website (#17786)
  web: bump @rollup/plugin-commonjs from 28.0.8 to 28.0.9 in /web in the rollup group across 1 directory (#17788)
  web: bump validator from 13.15.15 to 13.15.20 in /packages/docusaurus-config (#17866)
  internal: add default go http server timeouts (#17858)
  providers/radius: fix inverted message authenticator validation (#17855)
  stages/authenticator_webauthn: Update FIDO MDS3 & Passkey aaguid blobs (#17871)
  web: fix package-lock.json (#17809)
  website/integrations: oracle cloud: cleanup (#17808)
  website/integrations: Add Keycloak integration (#17813)
  website: bump the build group across 1 directory with 9 updates (#17849)
  lifecycle/aws: bump aws-cdk from 2.1031.0 to 2.1031.1 in /lifecycle/aws (#17850)
  core: bump astral-sh/uv from 0.9.6 to 0.9.7 (#17851)
  internal: full openssl path (#17856)
  outpost: revert breaking signals change (#17847)
  web/a11y: Isolated Outpost Error Page (#17683)
  provider/saml: make signing kp singleton (#17703)
  tasks: sanitize log attributes (#17833)
  ...
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

area:backend backport/version-2025.10 Add this label to PRs to backport changes to version-2025.10

Projects

authentik Core
Status: Done

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

radius outpost: invalid message authenticator

1 participant

@BeryJu