Skip to content

flows: provider invalidation#5048

Merged
BeryJu merged 34 commits intomainfrom
flows/provider-invalidation
Oct 14, 2024
Merged

flows: provider invalidation#5048
BeryJu merged 34 commits intomainfrom
flows/provider-invalidation

Conversation

@BeryJu
Copy link
Member

@BeryJu BeryJu commented Mar 22, 2023
edited
Loading

replace the current static end_session interface with flows

closes #8369
closes #6917
closes #10430

@codecov
Copy link

codecov bot commented Mar 22, 2023
edited
Loading

Codecov Report

Attention: Patch coverage is 95.06173% with 4 lines in your changes missing coverage. Please review.

Project coverage is 92.76%. Comparing base (09e8f07) to head (7a02b99).
Report is 8 commits behind head on main.

✅ All tests successful. No failed tests found.

Files with missing lines Patch % Lines
authentik/providers/oauth2/views/end_session.py 92.30% 2 Missing ⚠️
authentik/providers/ldap/api.py 88.88% 1 Missing ⚠️
authentik/providers/saml/views/slo.py 94.11% 1 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #5048      +/-   ##
==========================================
- Coverage   92.76%   92.76%   -0.01%     
==========================================
  Files         736      736              
  Lines       36548    36601      +53     
==========================================
+ Hits        33903    33952      +49     
- Misses       2645     2649       +4
Flag Coverage Δ
e2e 49.38% <88.88%> (+0.12%) ⬆️
integration 24.96% <16.04%> (-0.02%) ⬇️
unit 90.20% <61.72%> (-0.06%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@BeryJu BeryJu force-pushed the flows/provider-invalidation branch 2 times, most recently from 2f98c1b to 30849ed Compare March 24, 2023 13:43
@BeryJu BeryJu self-assigned this Jun 15, 2023
@BeryJu BeryJu added this to the Future release milestone Jun 15, 2023
@BeryJu BeryJu mentioned this pull request Jun 15, 2023
Open
@ClientIco ClientIco mentioned this pull request Jun 29, 2023
Open
@BeryJu BeryJu force-pushed the flows/provider-invalidation branch from 30849ed to 9f6dd6e Compare October 18, 2023 21:08
@BeryJu BeryJu requested review from a team as code owners October 18, 2023 21:08
@netlify
Copy link

netlify bot commented Oct 18, 2023
edited
Loading

Deploy Preview for authentik-storybook canceled.

Name Link
🔨 Latest commit 7a02b99
🔍 Latest deploy log https://app.netlify.com/sites/authentik-storybook/deploys/670d1763c6132d0008715cf0

@BeryJu BeryJu force-pushed the flows/provider-invalidation branch 2 times, most recently from f3f9c94 to c637489 Compare December 19, 2023 11:00
@BeryJu BeryJu force-pushed the flows/provider-invalidation branch from c637489 to 24f3369 Compare March 24, 2024 12:52
@netlify
Copy link

netlify bot commented Mar 24, 2024
edited
Loading

Deploy Preview for authentik-docs canceled.

Name Link
🔨 Latest commit 7a02b99
🔍 Latest deploy log https://app.netlify.com/sites/authentik-docs/deploys/670d17636986b90008d54e1d

@BeryJu BeryJu mentioned this pull request Mar 29, 2024
Closed
@BeryJu BeryJu force-pushed the flows/provider-invalidation branch from 740374b to f04457c Compare March 31, 2024 16:55
BeryJu and others added 13 commits July 7, 2024 18:05
@BeryJu
add initial
45c6fde 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
@BeryJu
add web stage for session end
530cb83 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
@BeryJu
migrate saml and tests
421c14d 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
@BeryJu
cleanup
d56d3bd 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
@BeryJu
group flow settings when providers have multiple flows
5a75bdd 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
@BeryJu
adjust name for default provider invalidation
27a055a 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
@BeryJu
re-make migrations
8b970cc 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
@BeryJu
add invalidation_flow to saml importer
638ca81 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
@BeryJu
re-do migrations again
6c559f4 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
@BeryJu
update web stuff to get rid of old libraries
02a9b0a 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
@BeryJu
make unbind flow for ldap configurable
d69924f 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
@BeryJu
unrelated: fix flow inspector
729f677 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
@BeryJu
handle invalidation_flow as optional, as it should be
4503fef 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
BeryJu added 7 commits July 7, 2024 18:06
@BeryJu
also fix ldap outpost
f215b49 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
@BeryJu
don't generate URL in client
23a0124 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
@BeryJu
actually make it work???
22967e8 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
@BeryJu
format
123ec9e 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
@BeryJu
fix migration breaking things...?
0eaf28c 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
@BeryJu
start fixing tests
10a9a73 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
@BeryJu
fix fallback
32abb00 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
@BeryJu BeryJu force-pushed the flows/provider-invalidation branch from f04457c to 32abb00 Compare July 7, 2024 16:06
@BeryJu
re-migrate
64bdb31 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
@BeryJu BeryJu mentioned this pull request Sep 26, 2024
Open
BeryJu added 8 commits October 2, 2024 13:35
@BeryJu
Merge branch 'main' into flows/provider-invalidation
5dd8362 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>

# Conflicts:
#	authentik/core/urls.py
#	internal/outpost/ldap/refresh.go
#	schema.yml
#	web/src/admin/providers/ldap/LDAPProviderForm.ts
#	web/src/admin/providers/oauth2/OAuth2ProviderForm.ts
#	web/src/flow/FlowInspector.ts
@BeryJu
fix tests
87832f8 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
@BeryJu
Merge branch 'main' into flows/provider-invalidation
f767ada
@BeryJu
fix tests
5307cde 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
@BeryJu
fix duplicate flow setting
ca42da3 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
@BeryJu
add migration
22a24ab 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
@BeryJu
fix race condition with brand
7b5593c 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
@BeryJu
fix oauth test
728c92e 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
@github-actions
Copy link
Contributor

github-actions bot commented Oct 12, 2024
edited
Loading

authentik PR Installation instructions

Instructions for docker-compose

Add the following block to your .env file:

AUTHENTIK_IMAGE=ghcr.io/goauthentik/dev-server
AUTHENTIK_TAG=gh-7a02b990bf35d0e490181ab03e8ca57ad059567d
AUTHENTIK_OUTPOSTS__CONTAINER_IMAGE_BASE=ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s

For arm64, use these values:

AUTHENTIK_IMAGE=ghcr.io/goauthentik/dev-server
AUTHENTIK_TAG=gh-7a02b990bf35d0e490181ab03e8ca57ad059567d-arm64
AUTHENTIK_OUTPOSTS__CONTAINER_IMAGE_BASE=ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s

Afterwards, run the upgrade commands from the latest release notes.

Instructions for Kubernetes

Add the following block to your values.yml file:

authentik:
    outposts:
        container_image_base: ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s
global:
    image:
        repository: ghcr.io/goauthentik/dev-server
        tag: gh-7a02b990bf35d0e490181ab03e8ca57ad059567d

For arm64, use these values:

authentik:
    outposts:
        container_image_base: ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s
global:
    image:
        repository: ghcr.io/goauthentik/dev-server
        tag: gh-7a02b990bf35d0e490181ab03e8ca57ad059567d-arm64

Afterwards, run the upgrade commands from the latest release notes.

BeryJu added 2 commits October 12, 2024 22:25
@BeryJu
fix SAML tests
d1c48f9 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
@BeryJu
add to wizard, fix required
2b08489 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
@BeryJu BeryJu force-pushed the flows/provider-invalidation branch from b0dd055 to 2b08489 Compare October 12, 2024 21:04
BeryJu added 2 commits October 14, 2024 12:04
@BeryJu
update docs
5419bd2 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
@BeryJu
make required, start release notes
7b2ccaf 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
@BeryJu BeryJu requested a review from a team as a code owner October 14, 2024 12:07
@BeryJu
fix tests
7a02b99 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
@BeryJu BeryJu merged commit 5b66dbe into main Oct 14, 2024
@BeryJu BeryJu deleted the flows/provider-invalidation branch October 14, 2024 13:35
kensternberg-authentik added a commit that referenced this pull request Oct 14, 2024
@kensternberg-authentik
Merge branch 'main' into web/testing/stories-for-existing
4baca34 
* main:
  web: bump API Client version (#11678)
  providers/scim: add option to ignore SCIM server cert (#11437)
  website/integrations add GHEC EMU and fix-up GHES (#11677)
  website/docs: fix SkipObject exception (#11632)
  web: bump API Client version (#11676)
  flows: provider invalidation (#5048)
  translate: Updates for file locale/en/LC_MESSAGES/django.po in zh-Hans (#11662)
  translate: Updates for file locale/en/LC_MESSAGES/django.po in zh_CN (#11663)
  translate: Updates for file locale/en/LC_MESSAGES/django.po in fr (#11664)
  core: bump goauthentik.io/api/v3 from 3.2024083.4 to 3.2024083.5 (#11671)
  core: bump pdoc from 14.7.0 to 15.0.0 (#11672)
  core: bump coverage from 7.6.2 to 7.6.3 (#11673)
  core, web: update translations (#11659)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@BeryJu BeryJu

Labels

None yet

Projects

None yet

Milestone

Future release

Development

Successfully merging this pull request may close these issues.

Setting next or post_logout_redirect_uri properly? OAuth tokens invalidation on logout Make end-session layout configurable

1 participant

@BeryJu