diff --git a/.github/workflows/repo-stale.yml b/.github/workflows/repo-stale.yml index 24f0ac0fb084..4918171953ca 100644 --- a/.github/workflows/repo-stale.yml +++ b/.github/workflows/repo-stale.yml @@ -23,7 +23,7 @@ jobs: repo-token: ${{ steps.generate_token.outputs.token }} days-before-stale: 60 days-before-close: 7 - exempt-issue-labels: pinned,security,pr_wanted,enhancement,bug/confirmed,enhancement/confirmed,question + exempt-issue-labels: pinned,security,pr_wanted,enhancement,bug/confirmed,enhancement/confirmed,question,status/reviewing stale-issue-label: wontfix stale-issue-message: > This issue has been automatically marked as stale because it has not had diff --git a/authentik/api/apps.py b/authentik/api/apps.py index 5acf3e29c196..8ae859a54d30 100644 --- a/authentik/api/apps.py +++ b/authentik/api/apps.py @@ -10,26 +10,3 @@ class AuthentikAPIConfig(AppConfig): label = "authentik_api" mountpoint = "api/" verbose_name = "authentik API" - - def ready(self) -> None: - from drf_spectacular.extensions import OpenApiAuthenticationExtension - - from authentik.api.authentication import TokenAuthentication - - # Class is defined here as it needs to be created early enough that drf-spectacular will - # find it, but also won't cause any import issues - - class TokenSchema(OpenApiAuthenticationExtension): - """Auth schema""" - - target_class = TokenAuthentication - name = "authentik" - - def get_security_definition(self, auto_schema): - """Auth schema""" - return { - "type": "apiKey", - "in": "header", - "name": "Authorization", - "scheme": "bearer", - } diff --git a/authentik/api/authentication.py b/authentik/api/authentication.py index cbc606a5a5c3..ab4b67d731b2 100644 --- a/authentik/api/authentication.py +++ b/authentik/api/authentication.py @@ -4,6 +4,7 @@ from typing import Any from django.conf import settings +from drf_spectacular.extensions import OpenApiAuthenticationExtension from rest_framework.authentication import BaseAuthentication, get_authorization_header from rest_framework.exceptions import AuthenticationFailed from rest_framework.request import Request @@ -102,3 +103,14 @@ def authenticate(self, request: Request) -> tuple[User, Any] | None: return None return (user, None) # pragma: no cover + + +class TokenSchema(OpenApiAuthenticationExtension): + """Auth schema""" + + target_class = TokenAuthentication + name = "authentik" + + def get_security_definition(self, auto_schema): + """Auth schema""" + return {"type": "http", "scheme": "bearer"} diff --git a/authentik/root/test_plugin.py b/authentik/root/test_plugin.py new file mode 100644 index 000000000000..2360a5021da3 --- /dev/null +++ b/authentik/root/test_plugin.py @@ -0,0 +1,21 @@ +from os import environ + +import pytest + +from authentik import get_full_version + +IS_CI = "CI" in environ + + +@pytest.hookimpl(hookwrapper=True) +def pytest_sessionstart(*_, **__): + """Clear the console ahead of the pytest output starting""" + if not IS_CI: + print("\x1b[2J\x1b[H") + yield + + +@pytest.hookimpl(trylast=True) +def pytest_report_header(*_, **__): + """Add authentik version to pytest output""" + return [f"authentik version: {get_full_version()}"] diff --git a/authentik/root/test_runner.py b/authentik/root/test_runner.py index 30b68b5ecc5c..867469d2b04a 100644 --- a/authentik/root/test_runner.py +++ b/authentik/root/test_runner.py @@ -4,6 +4,7 @@ from argparse import ArgumentParser from unittest import TestCase +import pytest from django.conf import settings from django.test.runner import DiscoverRunner @@ -105,6 +106,4 @@ def run_tests(self, test_labels, extra_tests=None, **kwargs): f"path instead." ) - import pytest - return pytest.main(self.args) diff --git a/authentik/stages/user_login/tests.py b/authentik/stages/user_login/tests.py index d5dd7c05f151..e9b02b483c4d 100644 --- a/authentik/stages/user_login/tests.py +++ b/authentik/stages/user_login/tests.py @@ -133,13 +133,14 @@ def test_expiry_remember(self): reverse("authentik_api:flow-executor", kwargs={"flow_slug": self.flow.slug}), data={"remember_me": True}, ) + _now = now().timestamp() self.assertEqual(response.status_code, 200) self.assertStageRedirects(response, reverse("authentik_core:root-redirect")) self.assertNotEqual(list(self.client.session.keys()), []) session_key = self.client.session.session_key session = AuthenticatedSession.objects.filter(session_key=session_key).first() self.assertAlmostEqual( - session.expires.timestamp() - now().timestamp(), + session.expires.timestamp() - _now, timedelta_from_string(self.stage.session_duration).total_seconds() + timedelta_from_string(self.stage.remember_me_offset).total_seconds(), delta=1, diff --git a/blueprints/default/default-brand.yaml b/blueprints/default/default-brand.yaml index c9c3a3ac6d9b..835427a29410 100644 --- a/blueprints/default/default-brand.yaml +++ b/blueprints/default/default-brand.yaml @@ -26,6 +26,9 @@ entries: !Find [authentik_flows.flow, [slug, default-user-settings-flow]] identifiers: domain: authentik-default - default: True + default: true state: created + conditions: + # Only create default brand if no other default brand exists + - !Condition [NOR, !Find [authentik_brands.brand, [default, True]]] model: authentik_brands.brand diff --git a/internal/outpost/flow/executor.go b/internal/outpost/flow/executor.go index 10dca6bb5fbf..d1e898308c8e 100644 --- a/internal/outpost/flow/executor.go +++ b/internal/outpost/flow/executor.go @@ -86,7 +86,9 @@ func NewFlowExecutor(ctx context.Context, flowSlug string, refConfig *api.Config Jar: jar, Transport: fe, } - fe.token = strings.Split(refConfig.DefaultHeader["Authorization"], " ")[1] + if authz, ok := refConfig.DefaultHeader["Authorization"]; ok { + fe.token = strings.Split(authz, " ")[1] + } config.AddDefaultHeader(HeaderAuthentikOutpostToken, fe.token) fe.api = api.NewAPIClient(config) return fe diff --git a/internal/outpost/flow/solvers_mfa_test.go b/internal/outpost/flow/solvers_mfa_test.go new file mode 100644 index 000000000000..7b523b05d55e --- /dev/null +++ b/internal/outpost/flow/solvers_mfa_test.go @@ -0,0 +1,68 @@ +package flow_test + +import ( + "context" + "encoding/base64" + "fmt" + "strconv" + "testing" + + "github.com/gorilla/securecookie" + "github.com/sirupsen/logrus" + "github.com/stretchr/testify/assert" + "goauthentik.io/api/v3" + "goauthentik.io/internal/outpost/flow" +) + +func testSecret() string { + return base64.RawURLEncoding.EncodeToString(securecookie.GenerateRandomKey(32)) +} + +func TestFlowExecutor_SetSecrets_Plain(t *testing.T) { + fe := flow.NewFlowExecutor(context.TODO(), "", api.NewConfiguration(), logrus.Fields{}) + pw := testSecret() + fe.SetSecrets(pw, false) + assert.Equal(t, pw, fe.Answers[flow.StagePassword]) + assert.Equal(t, pw, fe.Answers[flow.StageAuthenticatorValidate]) +} + +func TestFlowExecutor_SetSecrets_TOTP_6(t *testing.T) { + fe := flow.NewFlowExecutor(context.TODO(), "", api.NewConfiguration(), logrus.Fields{}) + pw := testSecret() + totp := 123456 + formatted := fmt.Sprintf("%s%s%d", pw, flow.CodePasswordSeparator, totp) + fe.SetSecrets(formatted, true) + assert.Equal(t, pw, fe.Answers[flow.StagePassword]) + assert.Equal(t, strconv.Itoa(totp), fe.Answers[flow.StageAuthenticatorValidate]) +} + +func TestFlowExecutor_SetSecrets_TOTP_8(t *testing.T) { + fe := flow.NewFlowExecutor(context.TODO(), "", api.NewConfiguration(), logrus.Fields{}) + pw := testSecret() + totp := 12345678 + formatted := fmt.Sprintf("%s%s%d", pw, flow.CodePasswordSeparator, totp) + fe.SetSecrets(formatted, true) + assert.Equal(t, pw, fe.Answers[flow.StagePassword]) + assert.Equal(t, strconv.Itoa(totp), fe.Answers[flow.StageAuthenticatorValidate]) +} + +func TestFlowExecutor_SetSecrets_TOTP_TooLong(t *testing.T) { + fe := flow.NewFlowExecutor(context.TODO(), "", api.NewConfiguration(), logrus.Fields{}) + pw := testSecret() + totp := 1234567890 + formatted := fmt.Sprintf("%s%s%d", pw, flow.CodePasswordSeparator, totp) + fe.SetSecrets(formatted, true) + assert.Equal(t, formatted, fe.Answers[flow.StagePassword]) + assert.Equal(t, "", fe.Answers[flow.StageAuthenticatorValidate]) +} + +func TestFlowExecutor_SetSecrets_TOTP_NoCode(t *testing.T) { + fe := flow.NewFlowExecutor(context.TODO(), "", api.NewConfiguration(), logrus.Fields{}) + pw := testSecret() + fe.SetSecrets(pw, true) + assert.Equal(t, pw, fe.Answers[flow.StagePassword]) + assert.Equal(t, "", fe.Answers[flow.StageAuthenticatorValidate]) + fe.SetSecrets(pw+flow.CodePasswordSeparator, true) + assert.Equal(t, pw, fe.Answers[flow.StagePassword]) + assert.Equal(t, "", fe.Answers[flow.StageAuthenticatorValidate]) +} diff --git a/locale/en/LC_MESSAGES/django.po b/locale/en/LC_MESSAGES/django.po index 904bd1d24fb8..54d0711d222f 100644 --- a/locale/en/LC_MESSAGES/django.po +++ b/locale/en/LC_MESSAGES/django.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2024-04-09 00:08+0000\n" +"POT-Creation-Date: 2024-04-12 00:07+0000\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" @@ -2186,6 +2186,12 @@ msgid "" "again." msgstr "" +#: authentik/stages/authenticator_validate/challenge.py +#: authentik/stages/authenticator_webauthn/stage.py +#, python-brace-format +msgid "Invalid device type. Contact your {brand} administrator for help." +msgstr "" + #: authentik/stages/authenticator_validate/models.py msgid "Static" msgstr "" @@ -2235,6 +2241,10 @@ msgstr "" msgid "Authenticator Validation Stages" msgstr "" +#: authentik/stages/authenticator_validate/stage.py +msgid "No (allowed) MFA authenticator configured." +msgstr "" + #: authentik/stages/authenticator_webauthn/models.py msgid "WebAuthn Authenticator Setup Stage" msgstr "" @@ -2259,11 +2269,6 @@ msgstr "" msgid "WebAuthn Device types" msgstr "" -#: authentik/stages/authenticator_webauthn/stage.py -#, python-brace-format -msgid "Invalid device type. Contact your {brand} administrator for help." -msgstr "" - #: authentik/stages/captcha/models.py msgid "Public key, acquired your captcha Provider." msgstr "" @@ -2846,6 +2851,14 @@ msgstr "" msgid "Globally enable/disable impersonation." msgstr "" +#: authentik/tenants/models.py +msgid "Default token duration" +msgstr "" + +#: authentik/tenants/models.py +msgid "Default token length" +msgstr "" + #: authentik/tenants/models.py msgid "Tenant" msgstr "" diff --git a/locale/zh-Hans/LC_MESSAGES/django.mo b/locale/zh-Hans/LC_MESSAGES/django.mo index 30c5e991548a..ef60c2ce408e 100644 Binary files a/locale/zh-Hans/LC_MESSAGES/django.mo and b/locale/zh-Hans/LC_MESSAGES/django.mo differ diff --git a/locale/zh-Hans/LC_MESSAGES/django.po b/locale/zh-Hans/LC_MESSAGES/django.po index 829b80cb5f69..dbbc38d39095 100644 --- a/locale/zh-Hans/LC_MESSAGES/django.po +++ b/locale/zh-Hans/LC_MESSAGES/django.po @@ -14,7 +14,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2024-04-09 00:08+0000\n" +"POT-Creation-Date: 2024-04-12 00:07+0000\n" "PO-Revision-Date: 2022-09-26 16:47+0000\n" "Last-Translator: deluxghost, 2024\n" "Language-Team: Chinese Simplified (https://app.transifex.com/authentik/teams/119923/zh-Hans/)\n" @@ -2222,6 +2222,12 @@ msgid "" "again." msgstr "无效的令牌。请确保设备上的时间准确并重试。" +#: authentik/stages/authenticator_validate/challenge.py +#: authentik/stages/authenticator_webauthn/stage.py +#, python-brace-format +msgid "Invalid device type. Contact your {brand} administrator for help." +msgstr "无效的设备类型。请联系您的 {brand} 管理员获得帮助。" + #: authentik/stages/authenticator_validate/models.py msgid "Static" msgstr "静态" @@ -2271,6 +2277,10 @@ msgstr "身份验证器验证阶段" msgid "Authenticator Validation Stages" msgstr "身份验证器验证阶段" +#: authentik/stages/authenticator_validate/stage.py +msgid "No (allowed) MFA authenticator configured." +msgstr "未配置(允许的)MFA 身份验证器。" + #: authentik/stages/authenticator_webauthn/models.py msgid "WebAuthn Authenticator Setup Stage" msgstr "WebAuthn 身份验证器设置阶段" @@ -2295,11 +2305,6 @@ msgstr "WebAuthn 设备类型" msgid "WebAuthn Device types" msgstr "WebAuthn 设备类型" -#: authentik/stages/authenticator_webauthn/stage.py -#, python-brace-format -msgid "Invalid device type. Contact your {brand} administrator for help." -msgstr "无效的设备类型。请联系您的 {brand} 管理员获得帮助。" - #: authentik/stages/captcha/models.py msgid "Public key, acquired your captcha Provider." msgstr "公钥,从您的验证码提供商处取得。" @@ -2902,6 +2907,14 @@ msgstr "启用时,所有由用户造成的事件会在相应用户被删除时 msgid "Globally enable/disable impersonation." msgstr "全局启用/禁用模拟身份。" +#: authentik/tenants/models.py +msgid "Default token duration" +msgstr "默认令牌持续时间" + +#: authentik/tenants/models.py +msgid "Default token length" +msgstr "默认令牌长度" + #: authentik/tenants/models.py msgid "Tenant" msgstr "租户" diff --git a/locale/zh_CN/LC_MESSAGES/django.po b/locale/zh_CN/LC_MESSAGES/django.po index a2b33304ec60..08bddff5d1c5 100644 --- a/locale/zh_CN/LC_MESSAGES/django.po +++ b/locale/zh_CN/LC_MESSAGES/django.po @@ -14,7 +14,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2024-04-09 00:08+0000\n" +"POT-Creation-Date: 2024-04-12 00:07+0000\n" "PO-Revision-Date: 2022-09-26 16:47+0000\n" "Last-Translator: deluxghost, 2024\n" "Language-Team: Chinese (China) (https://app.transifex.com/authentik/teams/119923/zh_CN/)\n" @@ -2222,6 +2222,12 @@ msgid "" "again." msgstr "无效的令牌。请确保设备上的时间准确并重试。" +#: authentik/stages/authenticator_validate/challenge.py +#: authentik/stages/authenticator_webauthn/stage.py +#, python-brace-format +msgid "Invalid device type. Contact your {brand} administrator for help." +msgstr "无效的设备类型。请联系您的 {brand} 管理员获得帮助。" + #: authentik/stages/authenticator_validate/models.py msgid "Static" msgstr "静态" @@ -2271,6 +2277,10 @@ msgstr "身份验证器验证阶段" msgid "Authenticator Validation Stages" msgstr "身份验证器验证阶段" +#: authentik/stages/authenticator_validate/stage.py +msgid "No (allowed) MFA authenticator configured." +msgstr "未配置(允许的)MFA 身份验证器。" + #: authentik/stages/authenticator_webauthn/models.py msgid "WebAuthn Authenticator Setup Stage" msgstr "WebAuthn 身份验证器设置阶段" @@ -2295,11 +2305,6 @@ msgstr "WebAuthn 设备类型" msgid "WebAuthn Device types" msgstr "WebAuthn 设备类型" -#: authentik/stages/authenticator_webauthn/stage.py -#, python-brace-format -msgid "Invalid device type. Contact your {brand} administrator for help." -msgstr "无效的设备类型。请联系您的 {brand} 管理员获得帮助。" - #: authentik/stages/captcha/models.py msgid "Public key, acquired your captcha Provider." msgstr "公钥,从您的验证码提供商处取得。" @@ -2902,6 +2907,14 @@ msgstr "启用时,所有由用户造成的事件会在相应用户被删除时 msgid "Globally enable/disable impersonation." msgstr "全局启用/禁用模拟身份。" +#: authentik/tenants/models.py +msgid "Default token duration" +msgstr "默认令牌持续时间" + +#: authentik/tenants/models.py +msgid "Default token length" +msgstr "默认令牌长度" + #: authentik/tenants/models.py msgid "Tenant" msgstr "租户" diff --git a/poetry.lock b/poetry.lock index 8f1abf580c46..2d54ebaa1d2a 100644 --- a/poetry.lock +++ b/poetry.lock @@ -1718,13 +1718,13 @@ idna = ">=2.5" [[package]] name = "idna" -version = "3.6" +version = "3.7" description = "Internationalized Domain Names in Applications (IDNA)" optional = false python-versions = ">=3.5" files = [ - {file = "idna-3.6-py3-none-any.whl", hash = "sha256:c05567e9c24a6b9faaa835c4821bad0590fbb9d5779e7caa6e1cc4978e7eb24f"}, - {file = "idna-3.6.tar.gz", hash = "sha256:9ecdbbd083b06798ae1e86adcbfe8ab1479cf864e4ee30fe4e46a003d12491ca"}, + {file = "idna-3.7-py3-none-any.whl", hash = "sha256:82fee1fc78add43492d3a1898bfa6d8a904cc97d8427f683ed8e798d07761aa0"}, + {file = "idna-3.7.tar.gz", hash = "sha256:028ff3aadf0609c1fd278d8ea3089299412a7a8b9bd005dd08b9f8285bcb5cfc"}, ] [[package]] @@ -2865,19 +2865,19 @@ files = [ [[package]] name = "pydantic" -version = "2.6.4" +version = "2.7.0" description = "Data validation using Python type hints" optional = false python-versions = ">=3.8" files = [ - {file = "pydantic-2.6.4-py3-none-any.whl", hash = "sha256:cc46fce86607580867bdc3361ad462bab9c222ef042d3da86f2fb333e1d916c5"}, - {file = "pydantic-2.6.4.tar.gz", hash = "sha256:b1704e0847db01817624a6b86766967f552dd9dbf3afba4004409f908dcc84e6"}, + {file = "pydantic-2.7.0-py3-none-any.whl", hash = "sha256:9dee74a271705f14f9a1567671d144a851c675b072736f0a7b2608fd9e495352"}, + {file = "pydantic-2.7.0.tar.gz", hash = "sha256:b5ecdd42262ca2462e2624793551e80911a1e989f462910bb81aef974b4bb383"}, ] [package.dependencies] annotated-types = ">=0.4.0" email-validator = {version = ">=2.0.0", optional = true, markers = "extra == \"email\""} -pydantic-core = "2.16.3" +pydantic-core = "2.18.1" typing-extensions = ">=4.6.1" [package.extras] @@ -2885,90 +2885,90 @@ email = ["email-validator (>=2.0.0)"] [[package]] name = "pydantic-core" -version = "2.16.3" -description = "" +version = "2.18.1" +description = "Core functionality for Pydantic validation and serialization" optional = false python-versions = ">=3.8" files = [ - {file = "pydantic_core-2.16.3-cp310-cp310-macosx_10_12_x86_64.whl", hash = "sha256:75b81e678d1c1ede0785c7f46690621e4c6e63ccd9192af1f0bd9d504bbb6bf4"}, - {file = "pydantic_core-2.16.3-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:9c865a7ee6f93783bd5d781af5a4c43dadc37053a5b42f7d18dc019f8c9d2bd1"}, - {file = "pydantic_core-2.16.3-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:162e498303d2b1c036b957a1278fa0899d02b2842f1ff901b6395104c5554a45"}, - {file = "pydantic_core-2.16.3-cp310-cp310-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:2f583bd01bbfbff4eaee0868e6fc607efdfcc2b03c1c766b06a707abbc856187"}, - {file = "pydantic_core-2.16.3-cp310-cp310-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:b926dd38db1519ed3043a4de50214e0d600d404099c3392f098a7f9d75029ff8"}, - {file = "pydantic_core-2.16.3-cp310-cp310-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:716b542728d4c742353448765aa7cdaa519a7b82f9564130e2b3f6766018c9ec"}, - {file = "pydantic_core-2.16.3-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:fc4ad7f7ee1a13d9cb49d8198cd7d7e3aa93e425f371a68235f784e99741561f"}, - {file = "pydantic_core-2.16.3-cp310-cp310-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:bd87f48924f360e5d1c5f770d6155ce0e7d83f7b4e10c2f9ec001c73cf475c99"}, - {file = "pydantic_core-2.16.3-cp310-cp310-musllinux_1_1_aarch64.whl", hash = "sha256:0df446663464884297c793874573549229f9eca73b59360878f382a0fc085979"}, - {file = "pydantic_core-2.16.3-cp310-cp310-musllinux_1_1_x86_64.whl", hash = "sha256:4df8a199d9f6afc5ae9a65f8f95ee52cae389a8c6b20163762bde0426275b7db"}, - {file = "pydantic_core-2.16.3-cp310-none-win32.whl", hash = "sha256:456855f57b413f077dff513a5a28ed838dbbb15082ba00f80750377eed23d132"}, - {file = "pydantic_core-2.16.3-cp310-none-win_amd64.whl", hash = "sha256:732da3243e1b8d3eab8c6ae23ae6a58548849d2e4a4e03a1924c8ddf71a387cb"}, - {file = "pydantic_core-2.16.3-cp311-cp311-macosx_10_12_x86_64.whl", hash = "sha256:519ae0312616026bf4cedc0fe459e982734f3ca82ee8c7246c19b650b60a5ee4"}, - {file = "pydantic_core-2.16.3-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:b3992a322a5617ded0a9f23fd06dbc1e4bd7cf39bc4ccf344b10f80af58beacd"}, - {file = "pydantic_core-2.16.3-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:8d62da299c6ecb04df729e4b5c52dc0d53f4f8430b4492b93aa8de1f541c4aac"}, - {file = "pydantic_core-2.16.3-cp311-cp311-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:2acca2be4bb2f2147ada8cac612f8a98fc09f41c89f87add7256ad27332c2fda"}, - {file = "pydantic_core-2.16.3-cp311-cp311-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:1b662180108c55dfbf1280d865b2d116633d436cfc0bba82323554873967b340"}, - {file = "pydantic_core-2.16.3-cp311-cp311-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:e7c6ed0dc9d8e65f24f5824291550139fe6f37fac03788d4580da0d33bc00c97"}, - {file = "pydantic_core-2.16.3-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:a6b1bb0827f56654b4437955555dc3aeeebeddc47c2d7ed575477f082622c49e"}, - {file = "pydantic_core-2.16.3-cp311-cp311-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:e56f8186d6210ac7ece503193ec84104da7ceb98f68ce18c07282fcc2452e76f"}, - {file = "pydantic_core-2.16.3-cp311-cp311-musllinux_1_1_aarch64.whl", hash = "sha256:936e5db01dd49476fa8f4383c259b8b1303d5dd5fb34c97de194560698cc2c5e"}, - {file = "pydantic_core-2.16.3-cp311-cp311-musllinux_1_1_x86_64.whl", hash = "sha256:33809aebac276089b78db106ee692bdc9044710e26f24a9a2eaa35a0f9fa70ba"}, - {file = "pydantic_core-2.16.3-cp311-none-win32.whl", hash = "sha256:ded1c35f15c9dea16ead9bffcde9bb5c7c031bff076355dc58dcb1cb436c4721"}, - {file = "pydantic_core-2.16.3-cp311-none-win_amd64.whl", hash = "sha256:d89ca19cdd0dd5f31606a9329e309d4fcbb3df860960acec32630297d61820df"}, - {file = "pydantic_core-2.16.3-cp311-none-win_arm64.whl", hash = "sha256:6162f8d2dc27ba21027f261e4fa26f8bcb3cf9784b7f9499466a311ac284b5b9"}, - {file = "pydantic_core-2.16.3-cp312-cp312-macosx_10_12_x86_64.whl", hash = "sha256:0f56ae86b60ea987ae8bcd6654a887238fd53d1384f9b222ac457070b7ac4cff"}, - {file = "pydantic_core-2.16.3-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:c9bd22a2a639e26171068f8ebb5400ce2c1bc7d17959f60a3b753ae13c632975"}, - {file = "pydantic_core-2.16.3-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:4204e773b4b408062960e65468d5346bdfe139247ee5f1ca2a378983e11388a2"}, - {file = "pydantic_core-2.16.3-cp312-cp312-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:f651dd19363c632f4abe3480a7c87a9773be27cfe1341aef06e8759599454120"}, - {file = "pydantic_core-2.16.3-cp312-cp312-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:aaf09e615a0bf98d406657e0008e4a8701b11481840be7d31755dc9f97c44053"}, - {file = "pydantic_core-2.16.3-cp312-cp312-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:8e47755d8152c1ab5b55928ab422a76e2e7b22b5ed8e90a7d584268dd49e9c6b"}, - {file = "pydantic_core-2.16.3-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:500960cb3a0543a724a81ba859da816e8cf01b0e6aaeedf2c3775d12ee49cade"}, - {file = "pydantic_core-2.16.3-cp312-cp312-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:cf6204fe865da605285c34cf1172879d0314ff267b1c35ff59de7154f35fdc2e"}, - {file = "pydantic_core-2.16.3-cp312-cp312-musllinux_1_1_aarch64.whl", hash = "sha256:d33dd21f572545649f90c38c227cc8631268ba25c460b5569abebdd0ec5974ca"}, - {file = "pydantic_core-2.16.3-cp312-cp312-musllinux_1_1_x86_64.whl", hash = "sha256:49d5d58abd4b83fb8ce763be7794d09b2f50f10aa65c0f0c1696c677edeb7cbf"}, - {file = "pydantic_core-2.16.3-cp312-none-win32.whl", hash = "sha256:f53aace168a2a10582e570b7736cc5bef12cae9cf21775e3eafac597e8551fbe"}, - {file = "pydantic_core-2.16.3-cp312-none-win_amd64.whl", hash = "sha256:0d32576b1de5a30d9a97f300cc6a3f4694c428d956adbc7e6e2f9cad279e45ed"}, - {file = "pydantic_core-2.16.3-cp312-none-win_arm64.whl", hash = "sha256:ec08be75bb268473677edb83ba71e7e74b43c008e4a7b1907c6d57e940bf34b6"}, - {file = "pydantic_core-2.16.3-cp38-cp38-macosx_10_12_x86_64.whl", hash = "sha256:b1f6f5938d63c6139860f044e2538baeee6f0b251a1816e7adb6cbce106a1f01"}, - {file = "pydantic_core-2.16.3-cp38-cp38-macosx_11_0_arm64.whl", hash = "sha256:2a1ef6a36fdbf71538142ed604ad19b82f67b05749512e47f247a6ddd06afdc7"}, - {file = "pydantic_core-2.16.3-cp38-cp38-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:704d35ecc7e9c31d48926150afada60401c55efa3b46cd1ded5a01bdffaf1d48"}, - {file = "pydantic_core-2.16.3-cp38-cp38-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:d937653a696465677ed583124b94a4b2d79f5e30b2c46115a68e482c6a591c8a"}, - {file = "pydantic_core-2.16.3-cp38-cp38-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:c9803edf8e29bd825f43481f19c37f50d2b01899448273b3a7758441b512acf8"}, - {file = "pydantic_core-2.16.3-cp38-cp38-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:72282ad4892a9fb2da25defeac8c2e84352c108705c972db82ab121d15f14e6d"}, - {file = "pydantic_core-2.16.3-cp38-cp38-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:7f752826b5b8361193df55afcdf8ca6a57d0232653494ba473630a83ba50d8c9"}, - {file = "pydantic_core-2.16.3-cp38-cp38-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:4384a8f68ddb31a0b0c3deae88765f5868a1b9148939c3f4121233314ad5532c"}, - {file = "pydantic_core-2.16.3-cp38-cp38-musllinux_1_1_aarch64.whl", hash = "sha256:a4b2bf78342c40b3dc830880106f54328928ff03e357935ad26c7128bbd66ce8"}, - {file = "pydantic_core-2.16.3-cp38-cp38-musllinux_1_1_x86_64.whl", hash = "sha256:13dcc4802961b5f843a9385fc821a0b0135e8c07fc3d9949fd49627c1a5e6ae5"}, - {file = "pydantic_core-2.16.3-cp38-none-win32.whl", hash = "sha256:e3e70c94a0c3841e6aa831edab1619ad5c511199be94d0c11ba75fe06efe107a"}, - {file = "pydantic_core-2.16.3-cp38-none-win_amd64.whl", hash = "sha256:ecdf6bf5f578615f2e985a5e1f6572e23aa632c4bd1dc67f8f406d445ac115ed"}, - {file = "pydantic_core-2.16.3-cp39-cp39-macosx_10_12_x86_64.whl", hash = "sha256:bda1ee3e08252b8d41fa5537413ffdddd58fa73107171a126d3b9ff001b9b820"}, - {file = "pydantic_core-2.16.3-cp39-cp39-macosx_11_0_arm64.whl", hash = "sha256:21b888c973e4f26b7a96491c0965a8a312e13be108022ee510248fe379a5fa23"}, - {file = "pydantic_core-2.16.3-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:be0ec334369316fa73448cc8c982c01e5d2a81c95969d58b8f6e272884df0074"}, - {file = "pydantic_core-2.16.3-cp39-cp39-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:b5b6079cc452a7c53dd378c6f881ac528246b3ac9aae0f8eef98498a75657805"}, - {file = "pydantic_core-2.16.3-cp39-cp39-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:7ee8d5f878dccb6d499ba4d30d757111847b6849ae07acdd1205fffa1fc1253c"}, - {file = "pydantic_core-2.16.3-cp39-cp39-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:7233d65d9d651242a68801159763d09e9ec96e8a158dbf118dc090cd77a104c9"}, - {file = "pydantic_core-2.16.3-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:c6119dc90483a5cb50a1306adb8d52c66e447da88ea44f323e0ae1a5fcb14256"}, - {file = "pydantic_core-2.16.3-cp39-cp39-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:578114bc803a4c1ff9946d977c221e4376620a46cf78da267d946397dc9514a8"}, - {file = "pydantic_core-2.16.3-cp39-cp39-musllinux_1_1_aarch64.whl", hash = "sha256:d8f99b147ff3fcf6b3cc60cb0c39ea443884d5559a30b1481e92495f2310ff2b"}, - {file = "pydantic_core-2.16.3-cp39-cp39-musllinux_1_1_x86_64.whl", hash = "sha256:4ac6b4ce1e7283d715c4b729d8f9dab9627586dafce81d9eaa009dd7f25dd972"}, - {file = "pydantic_core-2.16.3-cp39-none-win32.whl", hash = "sha256:e7774b570e61cb998490c5235740d475413a1f6de823169b4cf94e2fe9e9f6b2"}, - {file = "pydantic_core-2.16.3-cp39-none-win_amd64.whl", hash = "sha256:9091632a25b8b87b9a605ec0e61f241c456e9248bfdcf7abdf344fdb169c81cf"}, - {file = "pydantic_core-2.16.3-pp310-pypy310_pp73-macosx_10_12_x86_64.whl", hash = "sha256:36fa178aacbc277bc6b62a2c3da95226520da4f4e9e206fdf076484363895d2c"}, - {file = "pydantic_core-2.16.3-pp310-pypy310_pp73-macosx_11_0_arm64.whl", hash = "sha256:dcca5d2bf65c6fb591fff92da03f94cd4f315972f97c21975398bd4bd046854a"}, - {file = "pydantic_core-2.16.3-pp310-pypy310_pp73-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:2a72fb9963cba4cd5793854fd12f4cfee731e86df140f59ff52a49b3552db241"}, - {file = "pydantic_core-2.16.3-pp310-pypy310_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:b60cc1a081f80a2105a59385b92d82278b15d80ebb3adb200542ae165cd7d183"}, - {file = "pydantic_core-2.16.3-pp310-pypy310_pp73-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:cbcc558401de90a746d02ef330c528f2e668c83350f045833543cd57ecead1ad"}, - {file = "pydantic_core-2.16.3-pp310-pypy310_pp73-musllinux_1_1_aarch64.whl", hash = "sha256:fee427241c2d9fb7192b658190f9f5fd6dfe41e02f3c1489d2ec1e6a5ab1e04a"}, - {file = "pydantic_core-2.16.3-pp310-pypy310_pp73-musllinux_1_1_x86_64.whl", hash = "sha256:f4cb85f693044e0f71f394ff76c98ddc1bc0953e48c061725e540396d5c8a2e1"}, - {file = "pydantic_core-2.16.3-pp310-pypy310_pp73-win_amd64.whl", hash = "sha256:b29eeb887aa931c2fcef5aa515d9d176d25006794610c264ddc114c053bf96fe"}, - {file = "pydantic_core-2.16.3-pp39-pypy39_pp73-macosx_10_12_x86_64.whl", hash = "sha256:a425479ee40ff021f8216c9d07a6a3b54b31c8267c6e17aa88b70d7ebd0e5e5b"}, - {file = "pydantic_core-2.16.3-pp39-pypy39_pp73-macosx_11_0_arm64.whl", hash = "sha256:5c5cbc703168d1b7a838668998308018a2718c2130595e8e190220238addc96f"}, - {file = "pydantic_core-2.16.3-pp39-pypy39_pp73-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:99b6add4c0b39a513d323d3b93bc173dac663c27b99860dd5bf491b240d26137"}, - {file = "pydantic_core-2.16.3-pp39-pypy39_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:75f76ee558751746d6a38f89d60b6228fa174e5172d143886af0f85aa306fd89"}, - {file = "pydantic_core-2.16.3-pp39-pypy39_pp73-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:00ee1c97b5364b84cb0bd82e9bbf645d5e2871fb8c58059d158412fee2d33d8a"}, - {file = "pydantic_core-2.16.3-pp39-pypy39_pp73-musllinux_1_1_aarch64.whl", hash = "sha256:287073c66748f624be4cef893ef9174e3eb88fe0b8a78dc22e88eca4bc357ca6"}, - {file = "pydantic_core-2.16.3-pp39-pypy39_pp73-musllinux_1_1_x86_64.whl", hash = "sha256:ed25e1835c00a332cb10c683cd39da96a719ab1dfc08427d476bce41b92531fc"}, - {file = "pydantic_core-2.16.3-pp39-pypy39_pp73-win_amd64.whl", hash = "sha256:86b3d0033580bd6bbe07590152007275bd7af95f98eaa5bd36f3da219dcd93da"}, - {file = "pydantic_core-2.16.3.tar.gz", hash = "sha256:1cac689f80a3abab2d3c0048b29eea5751114054f032a941a32de4c852c59cad"}, + {file = "pydantic_core-2.18.1-cp310-cp310-macosx_10_12_x86_64.whl", hash = "sha256:ee9cf33e7fe14243f5ca6977658eb7d1042caaa66847daacbd2117adb258b226"}, + {file = "pydantic_core-2.18.1-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:6b7bbb97d82659ac8b37450c60ff2e9f97e4eb0f8a8a3645a5568b9334b08b50"}, + {file = "pydantic_core-2.18.1-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:df4249b579e75094f7e9bb4bd28231acf55e308bf686b952f43100a5a0be394c"}, + {file = "pydantic_core-2.18.1-cp310-cp310-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:d0491006a6ad20507aec2be72e7831a42efc93193d2402018007ff827dc62926"}, + {file = "pydantic_core-2.18.1-cp310-cp310-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:2ae80f72bb7a3e397ab37b53a2b49c62cc5496412e71bc4f1277620a7ce3f52b"}, + {file = "pydantic_core-2.18.1-cp310-cp310-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:58aca931bef83217fca7a390e0486ae327c4af9c3e941adb75f8772f8eeb03a1"}, + {file = "pydantic_core-2.18.1-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:1be91ad664fc9245404a789d60cba1e91c26b1454ba136d2a1bf0c2ac0c0505a"}, + {file = "pydantic_core-2.18.1-cp310-cp310-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:667880321e916a8920ef49f5d50e7983792cf59f3b6079f3c9dac2b88a311d17"}, + {file = "pydantic_core-2.18.1-cp310-cp310-musllinux_1_1_aarch64.whl", hash = "sha256:f7054fdc556f5421f01e39cbb767d5ec5c1139ea98c3e5b350e02e62201740c7"}, + {file = "pydantic_core-2.18.1-cp310-cp310-musllinux_1_1_x86_64.whl", hash = "sha256:030e4f9516f9947f38179249778709a460a3adb516bf39b5eb9066fcfe43d0e6"}, + {file = "pydantic_core-2.18.1-cp310-none-win32.whl", hash = "sha256:2e91711e36e229978d92642bfc3546333a9127ecebb3f2761372e096395fc649"}, + {file = "pydantic_core-2.18.1-cp310-none-win_amd64.whl", hash = "sha256:9a29726f91c6cb390b3c2338f0df5cd3e216ad7a938762d11c994bb37552edb0"}, + {file = "pydantic_core-2.18.1-cp311-cp311-macosx_10_12_x86_64.whl", hash = "sha256:9ece8a49696669d483d206b4474c367852c44815fca23ac4e48b72b339807f80"}, + {file = "pydantic_core-2.18.1-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:7a5d83efc109ceddb99abd2c1316298ced2adb4570410defe766851a804fcd5b"}, + {file = "pydantic_core-2.18.1-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:5f7973c381283783cd1043a8c8f61ea5ce7a3a58b0369f0ee0ee975eaf2f2a1b"}, + {file = "pydantic_core-2.18.1-cp311-cp311-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:54c7375c62190a7845091f521add19b0f026bcf6ae674bdb89f296972272e86d"}, + {file = "pydantic_core-2.18.1-cp311-cp311-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:dd63cec4e26e790b70544ae5cc48d11b515b09e05fdd5eff12e3195f54b8a586"}, + {file = "pydantic_core-2.18.1-cp311-cp311-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:561cf62c8a3498406495cfc49eee086ed2bb186d08bcc65812b75fda42c38294"}, + {file = "pydantic_core-2.18.1-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:68717c38a68e37af87c4da20e08f3e27d7e4212e99e96c3d875fbf3f4812abfc"}, + {file = "pydantic_core-2.18.1-cp311-cp311-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:2d5728e93d28a3c63ee513d9ffbac9c5989de8c76e049dbcb5bfe4b923a9739d"}, + {file = "pydantic_core-2.18.1-cp311-cp311-musllinux_1_1_aarch64.whl", hash = "sha256:f0f17814c505f07806e22b28856c59ac80cee7dd0fbb152aed273e116378f519"}, + {file = "pydantic_core-2.18.1-cp311-cp311-musllinux_1_1_x86_64.whl", hash = "sha256:d816f44a51ba5175394bc6c7879ca0bd2be560b2c9e9f3411ef3a4cbe644c2e9"}, + {file = "pydantic_core-2.18.1-cp311-none-win32.whl", hash = "sha256:09f03dfc0ef8c22622eaa8608caa4a1e189cfb83ce847045eca34f690895eccb"}, + {file = "pydantic_core-2.18.1-cp311-none-win_amd64.whl", hash = "sha256:27f1009dc292f3b7ca77feb3571c537276b9aad5dd4efb471ac88a8bd09024e9"}, + {file = "pydantic_core-2.18.1-cp311-none-win_arm64.whl", hash = "sha256:48dd883db92e92519201f2b01cafa881e5f7125666141a49ffba8b9facc072b0"}, + {file = "pydantic_core-2.18.1-cp312-cp312-macosx_10_12_x86_64.whl", hash = "sha256:b6b0e4912030c6f28bcb72b9ebe4989d6dc2eebcd2a9cdc35fefc38052dd4fe8"}, + {file = "pydantic_core-2.18.1-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:f3202a429fe825b699c57892d4371c74cc3456d8d71b7f35d6028c96dfecad31"}, + {file = "pydantic_core-2.18.1-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:a3982b0a32d0a88b3907e4b0dc36809fda477f0757c59a505d4e9b455f384b8b"}, + {file = "pydantic_core-2.18.1-cp312-cp312-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:25595ac311f20e5324d1941909b0d12933f1fd2171075fcff763e90f43e92a0d"}, + {file = "pydantic_core-2.18.1-cp312-cp312-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:14fe73881cf8e4cbdaded8ca0aa671635b597e42447fec7060d0868b52d074e6"}, + {file = "pydantic_core-2.18.1-cp312-cp312-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:ca976884ce34070799e4dfc6fbd68cb1d181db1eefe4a3a94798ddfb34b8867f"}, + {file = "pydantic_core-2.18.1-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:684d840d2c9ec5de9cb397fcb3f36d5ebb6fa0d94734f9886032dd796c1ead06"}, + {file = "pydantic_core-2.18.1-cp312-cp312-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:54764c083bbe0264f0f746cefcded6cb08fbbaaf1ad1d78fb8a4c30cff999a90"}, + {file = "pydantic_core-2.18.1-cp312-cp312-musllinux_1_1_aarch64.whl", hash = "sha256:201713f2f462e5c015b343e86e68bd8a530a4f76609b33d8f0ec65d2b921712a"}, + {file = "pydantic_core-2.18.1-cp312-cp312-musllinux_1_1_x86_64.whl", hash = "sha256:fd1a9edb9dd9d79fbeac1ea1f9a8dd527a6113b18d2e9bcc0d541d308dae639b"}, + {file = "pydantic_core-2.18.1-cp312-none-win32.whl", hash = "sha256:d5e6b7155b8197b329dc787356cfd2684c9d6a6b1a197f6bbf45f5555a98d411"}, + {file = "pydantic_core-2.18.1-cp312-none-win_amd64.whl", hash = "sha256:9376d83d686ec62e8b19c0ac3bf8d28d8a5981d0df290196fb6ef24d8a26f0d6"}, + {file = "pydantic_core-2.18.1-cp312-none-win_arm64.whl", hash = "sha256:c562b49c96906b4029b5685075fe1ebd3b5cc2601dfa0b9e16c2c09d6cbce048"}, + {file = "pydantic_core-2.18.1-cp38-cp38-macosx_10_12_x86_64.whl", hash = "sha256:3e352f0191d99fe617371096845070dee295444979efb8f27ad941227de6ad09"}, + {file = "pydantic_core-2.18.1-cp38-cp38-macosx_11_0_arm64.whl", hash = "sha256:c0295d52b012cbe0d3059b1dba99159c3be55e632aae1999ab74ae2bd86a33d7"}, + {file = "pydantic_core-2.18.1-cp38-cp38-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:56823a92075780582d1ffd4489a2e61d56fd3ebb4b40b713d63f96dd92d28144"}, + {file = "pydantic_core-2.18.1-cp38-cp38-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:dd3f79e17b56741b5177bcc36307750d50ea0698df6aa82f69c7db32d968c1c2"}, + {file = "pydantic_core-2.18.1-cp38-cp38-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:38a5024de321d672a132b1834a66eeb7931959c59964b777e8f32dbe9523f6b1"}, + {file = "pydantic_core-2.18.1-cp38-cp38-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:d2ce426ee691319d4767748c8e0895cfc56593d725594e415f274059bcf3cb76"}, + {file = "pydantic_core-2.18.1-cp38-cp38-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:2adaeea59849ec0939af5c5d476935f2bab4b7f0335b0110f0f069a41024278e"}, + {file = "pydantic_core-2.18.1-cp38-cp38-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:9b6431559676a1079eac0f52d6d0721fb8e3c5ba43c37bc537c8c83724031feb"}, + {file = "pydantic_core-2.18.1-cp38-cp38-musllinux_1_1_aarch64.whl", hash = "sha256:85233abb44bc18d16e72dc05bf13848a36f363f83757541f1a97db2f8d58cfd9"}, + {file = "pydantic_core-2.18.1-cp38-cp38-musllinux_1_1_x86_64.whl", hash = "sha256:641a018af4fe48be57a2b3d7a1f0f5dbca07c1d00951d3d7463f0ac9dac66622"}, + {file = "pydantic_core-2.18.1-cp38-none-win32.whl", hash = "sha256:63d7523cd95d2fde0d28dc42968ac731b5bb1e516cc56b93a50ab293f4daeaad"}, + {file = "pydantic_core-2.18.1-cp38-none-win_amd64.whl", hash = "sha256:907a4d7720abfcb1c81619863efd47c8a85d26a257a2dbebdb87c3b847df0278"}, + {file = "pydantic_core-2.18.1-cp39-cp39-macosx_10_12_x86_64.whl", hash = "sha256:aad17e462f42ddbef5984d70c40bfc4146c322a2da79715932cd8976317054de"}, + {file = "pydantic_core-2.18.1-cp39-cp39-macosx_11_0_arm64.whl", hash = "sha256:94b9769ba435b598b547c762184bcfc4783d0d4c7771b04a3b45775c3589ca44"}, + {file = "pydantic_core-2.18.1-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:80e0e57cc704a52fb1b48f16d5b2c8818da087dbee6f98d9bf19546930dc64b5"}, + {file = "pydantic_core-2.18.1-cp39-cp39-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:76b86e24039c35280ceee6dce7e62945eb93a5175d43689ba98360ab31eebc4a"}, + {file = "pydantic_core-2.18.1-cp39-cp39-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:12a05db5013ec0ca4a32cc6433f53faa2a014ec364031408540ba858c2172bb0"}, + {file = "pydantic_core-2.18.1-cp39-cp39-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:250ae39445cb5475e483a36b1061af1bc233de3e9ad0f4f76a71b66231b07f88"}, + {file = "pydantic_core-2.18.1-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:a32204489259786a923e02990249c65b0f17235073149d0033efcebe80095570"}, + {file = "pydantic_core-2.18.1-cp39-cp39-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:6395a4435fa26519fd96fdccb77e9d00ddae9dd6c742309bd0b5610609ad7fb2"}, + {file = "pydantic_core-2.18.1-cp39-cp39-musllinux_1_1_aarch64.whl", hash = "sha256:2533ad2883f001efa72f3d0e733fb846710c3af6dcdd544fe5bf14fa5fe2d7db"}, + {file = "pydantic_core-2.18.1-cp39-cp39-musllinux_1_1_x86_64.whl", hash = "sha256:b560b72ed4816aee52783c66854d96157fd8175631f01ef58e894cc57c84f0f6"}, + {file = "pydantic_core-2.18.1-cp39-none-win32.whl", hash = "sha256:582cf2cead97c9e382a7f4d3b744cf0ef1a6e815e44d3aa81af3ad98762f5a9b"}, + {file = "pydantic_core-2.18.1-cp39-none-win_amd64.whl", hash = "sha256:ca71d501629d1fa50ea7fa3b08ba884fe10cefc559f5c6c8dfe9036c16e8ae89"}, + {file = "pydantic_core-2.18.1-pp310-pypy310_pp73-macosx_10_12_x86_64.whl", hash = "sha256:e178e5b66a06ec5bf51668ec0d4ac8cfb2bdcb553b2c207d58148340efd00143"}, + {file = "pydantic_core-2.18.1-pp310-pypy310_pp73-macosx_11_0_arm64.whl", hash = "sha256:72722ce529a76a4637a60be18bd789d8fb871e84472490ed7ddff62d5fed620d"}, + {file = "pydantic_core-2.18.1-pp310-pypy310_pp73-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:2fe0c1ce5b129455e43f941f7a46f61f3d3861e571f2905d55cdbb8b5c6f5e2c"}, + {file = "pydantic_core-2.18.1-pp310-pypy310_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:d4284c621f06a72ce2cb55f74ea3150113d926a6eb78ab38340c08f770eb9b4d"}, + {file = "pydantic_core-2.18.1-pp310-pypy310_pp73-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:1a0c3e718f4e064efde68092d9d974e39572c14e56726ecfaeebbe6544521f47"}, + {file = "pydantic_core-2.18.1-pp310-pypy310_pp73-musllinux_1_1_aarch64.whl", hash = "sha256:2027493cc44c23b598cfaf200936110433d9caa84e2c6cf487a83999638a96ac"}, + {file = "pydantic_core-2.18.1-pp310-pypy310_pp73-musllinux_1_1_x86_64.whl", hash = "sha256:76909849d1a6bffa5a07742294f3fa1d357dc917cb1fe7b470afbc3a7579d539"}, + {file = "pydantic_core-2.18.1-pp310-pypy310_pp73-win_amd64.whl", hash = "sha256:ee7ccc7fb7e921d767f853b47814c3048c7de536663e82fbc37f5eb0d532224b"}, + {file = "pydantic_core-2.18.1-pp39-pypy39_pp73-macosx_10_12_x86_64.whl", hash = "sha256:ee2794111c188548a4547eccc73a6a8527fe2af6cf25e1a4ebda2fd01cdd2e60"}, + {file = "pydantic_core-2.18.1-pp39-pypy39_pp73-macosx_11_0_arm64.whl", hash = "sha256:a139fe9f298dc097349fb4f28c8b81cc7a202dbfba66af0e14be5cfca4ef7ce5"}, + {file = "pydantic_core-2.18.1-pp39-pypy39_pp73-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:d074b07a10c391fc5bbdcb37b2f16f20fcd9e51e10d01652ab298c0d07908ee2"}, + {file = "pydantic_core-2.18.1-pp39-pypy39_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:c69567ddbac186e8c0aadc1f324a60a564cfe25e43ef2ce81bcc4b8c3abffbae"}, + {file = "pydantic_core-2.18.1-pp39-pypy39_pp73-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:baf1c7b78cddb5af00971ad5294a4583188bda1495b13760d9f03c9483bb6203"}, + {file = "pydantic_core-2.18.1-pp39-pypy39_pp73-musllinux_1_1_aarch64.whl", hash = "sha256:2684a94fdfd1b146ff10689c6e4e815f6a01141781c493b97342cdc5b06f4d5d"}, + {file = "pydantic_core-2.18.1-pp39-pypy39_pp73-musllinux_1_1_x86_64.whl", hash = "sha256:73c1bc8a86a5c9e8721a088df234265317692d0b5cd9e86e975ce3bc3db62a59"}, + {file = "pydantic_core-2.18.1-pp39-pypy39_pp73-win_amd64.whl", hash = "sha256:e60defc3c15defb70bb38dd605ff7e0fae5f6c9c7cbfe0ad7868582cb7e844a6"}, + {file = "pydantic_core-2.18.1.tar.gz", hash = "sha256:de9d3e8717560eb05e28739d1b35e4eac2e458553a52a301e51352a7ffc86a35"}, ] [package.dependencies] @@ -3524,28 +3524,28 @@ pyasn1 = ">=0.1.3" [[package]] name = "ruff" -version = "0.3.5" +version = "0.3.7" description = "An extremely fast Python linter and code formatter, written in Rust." optional = false python-versions = ">=3.7" files = [ - {file = "ruff-0.3.5-py3-none-macosx_10_12_x86_64.macosx_11_0_arm64.macosx_10_12_universal2.whl", hash = "sha256:aef5bd3b89e657007e1be6b16553c8813b221ff6d92c7526b7e0227450981eac"}, - {file = "ruff-0.3.5-py3-none-macosx_10_12_x86_64.whl", hash = "sha256:89b1e92b3bd9fca249153a97d23f29bed3992cff414b222fcd361d763fc53f12"}, - {file = "ruff-0.3.5-py3-none-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:5e55771559c89272c3ebab23326dc23e7f813e492052391fe7950c1a5a139d89"}, - {file = "ruff-0.3.5-py3-none-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:dabc62195bf54b8a7876add6e789caae0268f34582333cda340497c886111c39"}, - {file = "ruff-0.3.5-py3-none-manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:3a05f3793ba25f194f395578579c546ca5d83e0195f992edc32e5907d142bfa3"}, - {file = "ruff-0.3.5-py3-none-manylinux_2_17_ppc64.manylinux2014_ppc64.whl", hash = "sha256:dfd3504e881082959b4160ab02f7a205f0fadc0a9619cc481982b6837b2fd4c0"}, - {file = "ruff-0.3.5-py3-none-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:87258e0d4b04046cf1d6cc1c56fadbf7a880cc3de1f7294938e923234cf9e498"}, - {file = "ruff-0.3.5-py3-none-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:712e71283fc7d9f95047ed5f793bc019b0b0a29849b14664a60fd66c23b96da1"}, - {file = "ruff-0.3.5-py3-none-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:a532a90b4a18d3f722c124c513ffb5e5eaff0cc4f6d3aa4bda38e691b8600c9f"}, - {file = "ruff-0.3.5-py3-none-musllinux_1_2_aarch64.whl", hash = "sha256:122de171a147c76ada00f76df533b54676f6e321e61bd8656ae54be326c10296"}, - {file = "ruff-0.3.5-py3-none-musllinux_1_2_armv7l.whl", hash = "sha256:d80a6b18a6c3b6ed25b71b05eba183f37d9bc8b16ace9e3d700997f00b74660b"}, - {file = "ruff-0.3.5-py3-none-musllinux_1_2_i686.whl", hash = "sha256:a7b6e63194c68bca8e71f81de30cfa6f58ff70393cf45aab4c20f158227d5936"}, - {file = "ruff-0.3.5-py3-none-musllinux_1_2_x86_64.whl", hash = "sha256:a759d33a20c72f2dfa54dae6e85e1225b8e302e8ac655773aff22e542a300985"}, - {file = "ruff-0.3.5-py3-none-win32.whl", hash = "sha256:9d8605aa990045517c911726d21293ef4baa64f87265896e491a05461cae078d"}, - {file = "ruff-0.3.5-py3-none-win_amd64.whl", hash = "sha256:dc56bb16a63c1303bd47563c60482a1512721053d93231cf7e9e1c6954395a0e"}, - {file = "ruff-0.3.5-py3-none-win_arm64.whl", hash = "sha256:faeeae9905446b975dcf6d4499dc93439b131f1443ee264055c5716dd947af55"}, - {file = "ruff-0.3.5.tar.gz", hash = "sha256:a067daaeb1dc2baf9b82a32dae67d154d95212080c80435eb052d95da647763d"}, + {file = "ruff-0.3.7-py3-none-macosx_10_12_x86_64.macosx_11_0_arm64.macosx_10_12_universal2.whl", hash = "sha256:0e8377cccb2f07abd25e84fc5b2cbe48eeb0fea9f1719cad7caedb061d70e5ce"}, + {file = "ruff-0.3.7-py3-none-macosx_10_12_x86_64.whl", hash = "sha256:15a4d1cc1e64e556fa0d67bfd388fed416b7f3b26d5d1c3e7d192c897e39ba4b"}, + {file = "ruff-0.3.7-py3-none-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:d28bdf3d7dc71dd46929fafeec98ba89b7c3550c3f0978e36389b5631b793663"}, + {file = "ruff-0.3.7-py3-none-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:379b67d4f49774ba679593b232dcd90d9e10f04d96e3c8ce4a28037ae473f7bb"}, + {file = "ruff-0.3.7-py3-none-manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:c060aea8ad5ef21cdfbbe05475ab5104ce7827b639a78dd55383a6e9895b7c51"}, + {file = "ruff-0.3.7-py3-none-manylinux_2_17_ppc64.manylinux2014_ppc64.whl", hash = "sha256:ebf8f615dde968272d70502c083ebf963b6781aacd3079081e03b32adfe4d58a"}, + {file = "ruff-0.3.7-py3-none-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:d48098bd8f5c38897b03604f5428901b65e3c97d40b3952e38637b5404b739a2"}, + {file = "ruff-0.3.7-py3-none-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:da8a4fda219bf9024692b1bc68c9cff4b80507879ada8769dc7e985755d662ea"}, + {file = "ruff-0.3.7-py3-none-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:6c44e0149f1d8b48c4d5c33d88c677a4aa22fd09b1683d6a7ff55b816b5d074f"}, + {file = "ruff-0.3.7-py3-none-musllinux_1_2_aarch64.whl", hash = "sha256:3050ec0af72b709a62ecc2aca941b9cd479a7bf2b36cc4562f0033d688e44fa1"}, + {file = "ruff-0.3.7-py3-none-musllinux_1_2_armv7l.whl", hash = "sha256:a29cc38e4c1ab00da18a3f6777f8b50099d73326981bb7d182e54a9a21bb4ff7"}, + {file = "ruff-0.3.7-py3-none-musllinux_1_2_i686.whl", hash = "sha256:5b15cc59c19edca917f51b1956637db47e200b0fc5e6e1878233d3a938384b0b"}, + {file = "ruff-0.3.7-py3-none-musllinux_1_2_x86_64.whl", hash = "sha256:e491045781b1e38b72c91247cf4634f040f8d0cb3e6d3d64d38dcf43616650b4"}, + {file = "ruff-0.3.7-py3-none-win32.whl", hash = "sha256:bc931de87593d64fad3a22e201e55ad76271f1d5bfc44e1a1887edd0903c7d9f"}, + {file = "ruff-0.3.7-py3-none-win_amd64.whl", hash = "sha256:5ef0e501e1e39f35e03c2acb1d1238c595b8bb36cf7a170e7c1df1b73da00e74"}, + {file = "ruff-0.3.7-py3-none-win_arm64.whl", hash = "sha256:789e144f6dc7019d1f92a812891c645274ed08af6037d11fc65fcbc183b7d59f"}, + {file = "ruff-0.3.7.tar.gz", hash = "sha256:d5c1aebee5162c2226784800ae031f660c350e7a3402c4d1f8ea4e97e232e3ba"}, ] [[package]] diff --git a/pyproject.toml b/pyproject.toml index 686565cd5dcb..646b6c0e2996 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -76,7 +76,7 @@ show_missing = true DJANGO_SETTINGS_MODULE = "authentik.root.settings" python_files = ["tests.py", "test_*.py", "*_tests.py"] junit_family = "xunit2" -addopts = "-p no:celery --junitxml=unittest.xml -vv --full-trace --doctest-modules" +addopts = "-p no:celery -p authentik.root.test_plugin --junitxml=unittest.xml -vv --full-trace --doctest-modules" filterwarnings = [ "ignore:defusedxml.lxml is no longer supported and will be removed in a future release.:DeprecationWarning", "ignore:SelectableGroups dict interface is deprecated. Use select.:DeprecationWarning", diff --git a/schema.yml b/schema.yml index a0460cd26101..d936c0009fff 100644 --- a/schema.yml +++ b/schema.yml @@ -44397,9 +44397,7 @@ components: authentik_providers_scim.scimprovider: '#/components/schemas/SCIMProviderRequest' securitySchemes: authentik: - type: apiKey - in: header - name: Authorization + type: http scheme: bearer servers: - url: /api/v3/ diff --git a/web/package-lock.json b/web/package-lock.json index 3d0533cf28a8..71a7662f956f 100644 --- a/web/package-lock.json +++ b/web/package-lock.json @@ -17,7 +17,7 @@ "@codemirror/theme-one-dark": "^6.1.2", "@formatjs/intl-listformat": "^7.5.5", "@fortawesome/fontawesome-free": "^6.5.2", - "@goauthentik/api": "^2024.2.2-1712833826", + "@goauthentik/api": "^2024.2.2-1712922569", "@lit-labs/task": "^3.1.0", "@lit/context": "^1.1.0", "@lit/localize": "^0.12.1", @@ -25,7 +25,7 @@ "@open-wc/lit-helpers": "^0.7.0", "@patternfly/elements": "^3.0.0", "@patternfly/patternfly": "^4.224.2", - "@sentry/browser": "^7.109.0", + "@sentry/browser": "^7.110.0", "@webcomponents/webcomponentsjs": "^2.8.0", "base64-js": "^1.5.1", "chart.js": "^4.4.2", @@ -2840,9 +2840,9 @@ } }, "node_modules/@goauthentik/api": { - "version": "2024.2.2-1712833826", - "resolved": "https://registry.npmjs.org/@goauthentik/api/-/api-2024.2.2-1712833826.tgz", - "integrity": "sha512-0DmJ/GqGvj2mQ3IuA8YBERbj/E1o1HzS+wYIAbZzGAydocKH9g7Hn9h47eDU2lTgUu1N1DDOvYkXAsdqCFVwDQ==" + "version": "2024.2.2-1712922569", + "resolved": "https://registry.npmjs.org/@goauthentik/api/-/api-2024.2.2-1712922569.tgz", + "integrity": "sha512-CUCSUQ7Zr3waDJs8OL+CTyFDz7eWIhgZaBAWDJLCy3i954Uo2hYsq1RjBUtk4PS+LwtmcY8FD/YvVi04fxSreA==" }, "node_modules/@hcaptcha/types": { "version": "1.0.3", @@ -4424,102 +4424,102 @@ "peer": true }, "node_modules/@sentry-internal/feedback": { - "version": "7.109.0", - "resolved": "https://registry.npmjs.org/@sentry-internal/feedback/-/feedback-7.109.0.tgz", - "integrity": "sha512-EL7N++poxvJP9rYvh6vSu24tsKkOveNCcCj4IM7+irWPjsuD2GLYYlhp/A/Mtt9l7iqO4plvtiQU5HGk7smcTQ==", + "version": "7.110.0", + "resolved": "https://registry.npmjs.org/@sentry-internal/feedback/-/feedback-7.110.0.tgz", + "integrity": "sha512-hrfWa3WkSOiBO5Srcr1j4kuGOlbsQic+REpLOofllVIs56DOo9+Aj9svxT+dcvZERv/nlFSV/E0BfGy9g08IEg==", "dependencies": { - "@sentry/core": "7.109.0", - "@sentry/types": "7.109.0", - "@sentry/utils": "7.109.0" + "@sentry/core": "7.110.0", + "@sentry/types": "7.110.0", + "@sentry/utils": "7.110.0" }, "engines": { "node": ">=12" } }, "node_modules/@sentry-internal/replay-canvas": { - "version": "7.109.0", - "resolved": "https://registry.npmjs.org/@sentry-internal/replay-canvas/-/replay-canvas-7.109.0.tgz", - "integrity": "sha512-Lh/K60kmloR6lkPUcQP0iamw7B/MdEUEx/ImAx4tUSMrLj+IoUEcq/ECgnnVyQkJq59+8nPEKrVLt7x6PUPEjw==", + "version": "7.110.0", + "resolved": "https://registry.npmjs.org/@sentry-internal/replay-canvas/-/replay-canvas-7.110.0.tgz", + "integrity": "sha512-SNa+AfyfX+vc6Xw0pIfDsa5Qnc9cpexU6M2D19gadtVhmep7qoFBuhBVZrSv6BtdCxvrb5EyYsHYGfjQdIDcvg==", "dependencies": { - "@sentry/core": "7.109.0", - "@sentry/replay": "7.109.0", - "@sentry/types": "7.109.0", - "@sentry/utils": "7.109.0" + "@sentry/core": "7.110.0", + "@sentry/replay": "7.110.0", + "@sentry/types": "7.110.0", + "@sentry/utils": "7.110.0" }, "engines": { "node": ">=12" } }, "node_modules/@sentry-internal/tracing": { - "version": "7.109.0", - "resolved": "https://registry.npmjs.org/@sentry-internal/tracing/-/tracing-7.109.0.tgz", - "integrity": "sha512-PzK/joC5tCuh2R/PRh+7dp+uuZl7pTsBIjPhVZHMTtb9+ls65WkdZJ1/uKXPouyz8NOo9Xok7aEvEo9seongyw==", + "version": "7.110.0", + "resolved": "https://registry.npmjs.org/@sentry-internal/tracing/-/tracing-7.110.0.tgz", + "integrity": "sha512-IIHHa9e/mE7uOMJfNELI8adyoELxOy6u6TNCn5t6fphmq84w8FTc9adXkG/FY2AQpglkIvlILojfMROFB2aaAQ==", "dependencies": { - "@sentry/core": "7.109.0", - "@sentry/types": "7.109.0", - "@sentry/utils": "7.109.0" + "@sentry/core": "7.110.0", + "@sentry/types": "7.110.0", + "@sentry/utils": "7.110.0" }, "engines": { "node": ">=8" } }, "node_modules/@sentry/browser": { - "version": "7.109.0", - "resolved": "https://registry.npmjs.org/@sentry/browser/-/browser-7.109.0.tgz", - "integrity": "sha512-yx+OFG+Ab9qUDDgV9ZDv8M9O9Mqr0fjKta/LMlWALYLjzkMvxsPlRPFj7oMBlHqOTVLDeg7lFYmsA8wyWQ8Z8g==", + "version": "7.110.0", + "resolved": "https://registry.npmjs.org/@sentry/browser/-/browser-7.110.0.tgz", + "integrity": "sha512-gIxedVm6ZgkjQfgCDgLWJgAsolq6OxV8hQ2j1+RaDL2RngvelFo/vlX5f2sD6EbjVp77Cri8u5GkMJF+v4p84g==", "dependencies": { - "@sentry-internal/feedback": "7.109.0", - "@sentry-internal/replay-canvas": "7.109.0", - "@sentry-internal/tracing": "7.109.0", - "@sentry/core": "7.109.0", - "@sentry/replay": "7.109.0", - "@sentry/types": "7.109.0", - "@sentry/utils": "7.109.0" + "@sentry-internal/feedback": "7.110.0", + "@sentry-internal/replay-canvas": "7.110.0", + "@sentry-internal/tracing": "7.110.0", + "@sentry/core": "7.110.0", + "@sentry/replay": "7.110.0", + "@sentry/types": "7.110.0", + "@sentry/utils": "7.110.0" }, "engines": { "node": ">=8" } }, "node_modules/@sentry/core": { - "version": "7.109.0", - "resolved": "https://registry.npmjs.org/@sentry/core/-/core-7.109.0.tgz", - "integrity": "sha512-xwD4U0IlvvlE/x/g/W1I8b4Cfb16SsCMmiEuBf6XxvAa3OfWBxKoqLifb3GyrbxMC4LbIIZCN/SvLlnGJPgszA==", + "version": "7.110.0", + "resolved": "https://registry.npmjs.org/@sentry/core/-/core-7.110.0.tgz", + "integrity": "sha512-g4suCQO94mZsKVaAbyD1zLFC5YSuBQCIPHXx9fdgtfoPib7BWjWWePkllkrvsKAv4u8Oq05RfnKOhOMRHpOKqg==", "dependencies": { - "@sentry/types": "7.109.0", - "@sentry/utils": "7.109.0" + "@sentry/types": "7.110.0", + "@sentry/utils": "7.110.0" }, "engines": { "node": ">=8" } }, "node_modules/@sentry/replay": { - "version": "7.109.0", - "resolved": "https://registry.npmjs.org/@sentry/replay/-/replay-7.109.0.tgz", - "integrity": "sha512-hCDjbTNO7ErW/XsaBXlyHFsUhneyBUdTec1Swf98TFEfVqNsTs6q338aUcaR8dGRLbLrJ9YU9D1qKq++v5h2CA==", + "version": "7.110.0", + "resolved": "https://registry.npmjs.org/@sentry/replay/-/replay-7.110.0.tgz", + "integrity": "sha512-EEpGPf3iBJjWejvoxKLVMnLtLNwPTUxHJV1oxUkbcSi3B/tG5hW7LArYDjAcvkfa4VmA8JLCwj2vYU5MQ8tj6g==", "dependencies": { - "@sentry-internal/tracing": "7.109.0", - "@sentry/core": "7.109.0", - "@sentry/types": "7.109.0", - "@sentry/utils": "7.109.0" + "@sentry-internal/tracing": "7.110.0", + "@sentry/core": "7.110.0", + "@sentry/types": "7.110.0", + "@sentry/utils": "7.110.0" }, "engines": { "node": ">=12" } }, "node_modules/@sentry/types": { - "version": "7.109.0", - "resolved": "https://registry.npmjs.org/@sentry/types/-/types-7.109.0.tgz", - "integrity": "sha512-egCBnDv3YpVFoNzRLdP0soVrxVLCQ+rovREKJ1sw3rA2/MFH9WJ+DZZexsX89yeAFzy1IFsCp7/dEqudusml6g==", + "version": "7.110.0", + "resolved": "https://registry.npmjs.org/@sentry/types/-/types-7.110.0.tgz", + "integrity": "sha512-DqYBLyE8thC5P5MuPn+sj8tL60nCd/f5cerFFPcudn5nJ4Zs1eI6lKlwwyHYTEu5c4KFjCB0qql6kXfwAHmTyA==", "engines": { "node": ">=8" } }, "node_modules/@sentry/utils": { - "version": "7.109.0", - "resolved": "https://registry.npmjs.org/@sentry/utils/-/utils-7.109.0.tgz", - "integrity": "sha512-3RjxMOLMBwZ5VSiH84+o/3NY2An4Zldjz0EbfEQNRY9yffRiCPJSQiCJID8EoylCFOh/PAhPimBhqbtWJxX6iw==", + "version": "7.110.0", + "resolved": "https://registry.npmjs.org/@sentry/utils/-/utils-7.110.0.tgz", + "integrity": "sha512-VBsdLLN+5tf73fhf/Cm7JIsUJ6y9DkJj8h4I6Mxx0rszrvOyH6S5px40K+V4jdLBzMEvVinC7q2Cbf1YM18BSw==", "dependencies": { - "@sentry/types": "7.109.0" + "@sentry/types": "7.110.0" }, "engines": { "node": ">=8" diff --git a/web/package.json b/web/package.json index b656294af2da..36581adc3253 100644 --- a/web/package.json +++ b/web/package.json @@ -38,7 +38,7 @@ "@codemirror/theme-one-dark": "^6.1.2", "@formatjs/intl-listformat": "^7.5.5", "@fortawesome/fontawesome-free": "^6.5.2", - "@goauthentik/api": "^2024.2.2-1712833826", + "@goauthentik/api": "^2024.2.2-1712922569", "@lit-labs/task": "^3.1.0", "@lit/context": "^1.1.0", "@lit/localize": "^0.12.1", @@ -46,7 +46,7 @@ "@open-wc/lit-helpers": "^0.7.0", "@patternfly/elements": "^3.0.0", "@patternfly/patternfly": "^4.224.2", - "@sentry/browser": "^7.109.0", + "@sentry/browser": "^7.110.0", "@webcomponents/webcomponentsjs": "^2.8.0", "base64-js": "^1.5.1", "chart.js": "^4.4.2", diff --git a/web/xliff/de.xlf b/web/xliff/de.xlf index 429b65cb9297..6c99a63882c8 100644 --- a/web/xliff/de.xlf +++ b/web/xliff/de.xlf @@ -3756,10 +3756,6 @@ doesn't pass when either or both of the selected options are equal or above the Last validation threshold Letzte Validierungsschwelle - - If any of the devices user of the types selected above have been used within this duration, this stage will be skipped. - Wenn eines der oben ausgewählten Geräte innerhalb dieser Zeitspanne benutzt wurde, wird dieser Schritt übersprungen. - Not configured action Nicht konfigurierte Aktion @@ -6487,6 +6483,30 @@ Bindings to groups/users are checked against the user of the event. Optionally restrict which WebAuthn device types may be used. When no device types are selected, all devices are allowed. + + + If the user has successfully authenticated with a device in the classes listed above within this configured duration, this stage will be skipped. + + + WebAuthn-specific settings + + + WebAuthn Device type restrictions + + + This restriction only applies to devices created in authentik 2024.4 or later. + + + Default token duration + + + Default duration for generated tokens + + + Default token length + + + Default length of generated tokens diff --git a/web/xliff/en.xlf b/web/xliff/en.xlf index 9f6d9bcd3053..23ef4b141dc5 100644 --- a/web/xliff/en.xlf +++ b/web/xliff/en.xlf @@ -3935,10 +3935,6 @@ doesn't pass when either or both of the selected options are equal or above the Last validation threshold Last validation threshold - - If any of the devices user of the types selected above have been used within this duration, this stage will be skipped. - If any of the devices user of the types selected above have been used within this duration, this stage will be skipped. - Not configured action Not configured action @@ -6756,6 +6752,30 @@ Bindings to groups/users are checked against the user of the event. Optionally restrict which WebAuthn device types may be used. When no device types are selected, all devices are allowed. + + + If the user has successfully authenticated with a device in the classes listed above within this configured duration, this stage will be skipped. + + + WebAuthn-specific settings + + + WebAuthn Device type restrictions + + + This restriction only applies to devices created in authentik 2024.4 or later. + + + Default token duration + + + Default duration for generated tokens + + + Default token length + + + Default length of generated tokens diff --git a/web/xliff/es.xlf b/web/xliff/es.xlf index 6afd3320ef54..c0c27a51b77f 100644 --- a/web/xliff/es.xlf +++ b/web/xliff/es.xlf @@ -3695,9 +3695,6 @@ doesn't pass when either or both of the selected options are equal or above the Last validation threshold - - If any of the devices user of the types selected above have been used within this duration, this stage will be skipped. - Not configured action Acción no configurada @@ -6403,6 +6400,30 @@ Bindings to groups/users are checked against the user of the event. Optionally restrict which WebAuthn device types may be used. When no device types are selected, all devices are allowed. + + + If the user has successfully authenticated with a device in the classes listed above within this configured duration, this stage will be skipped. + + + WebAuthn-specific settings + + + WebAuthn Device type restrictions + + + This restriction only applies to devices created in authentik 2024.4 or later. + + + Default token duration + + + Default duration for generated tokens + + + Default token length + + + Default length of generated tokens diff --git a/web/xliff/fr.xlf b/web/xliff/fr.xlf index 03c309e551b2..9c1b773ad94e 100644 --- a/web/xliff/fr.xlf +++ b/web/xliff/fr.xlf @@ -4916,11 +4916,6 @@ doesn't pass when either or both of the selected options are equal or above the Last validation threshold Seuil de dernière validation - - - If any of the devices user of the types selected above have been used within this duration, this stage will be skipped. - Si l’utilisateur a utilisé n’importe lequel des appareils du type sélectionné ci-dessus pendant cette période, cette étape sera ignorée. - Not configured action @@ -8516,6 +8511,30 @@ Les liaisons avec les groupes/utilisateurs sont vérifiées par rapport à l'uti Optionally restrict which WebAuthn device types may be used. When no device types are selected, all devices are allowed. + + + If the user has successfully authenticated with a device in the classes listed above within this configured duration, this stage will be skipped. + + + WebAuthn-specific settings + + + WebAuthn Device type restrictions + + + This restriction only applies to devices created in authentik 2024.4 or later. + + + Default token duration + + + Default duration for generated tokens + + + Default token length + + + Default length of generated tokens diff --git a/web/xliff/ko.xlf b/web/xliff/ko.xlf index e66fb6f61be7..982b476468bf 100644 --- a/web/xliff/ko.xlf +++ b/web/xliff/ko.xlf @@ -4898,11 +4898,6 @@ doesn't pass when either or both of the selected options are equal or above the Last validation threshold 최종 유효성 검사 임계치 - - - If any of the devices user of the types selected above have been used within this duration, this stage will be skipped. - 위에서 선택한 유형의 사용자가 이 기간 내에 사용한 적이 있는 디바이스가 있으면 이 단계는 건너뛰게 됩니다. - Not configured action @@ -8344,6 +8339,30 @@ Bindings to groups/users are checked against the user of the event. Optionally restrict which WebAuthn device types may be used. When no device types are selected, all devices are allowed. + + + If the user has successfully authenticated with a device in the classes listed above within this configured duration, this stage will be skipped. + + + WebAuthn-specific settings + + + WebAuthn Device type restrictions + + + This restriction only applies to devices created in authentik 2024.4 or later. + + + Default token duration + + + Default duration for generated tokens + + + Default token length + + + Default length of generated tokens diff --git a/web/xliff/nl.xlf b/web/xliff/nl.xlf index 6d58c2bcf6a3..04cd294303a7 100644 --- a/web/xliff/nl.xlf +++ b/web/xliff/nl.xlf @@ -4884,11 +4884,6 @@ slaagt niet wanneer een of beide geselecteerde opties gelijk zijn aan of boven d Last validation threshold Laatste validatiedrempel - - - If any of the devices user of the types selected above have been used within this duration, this stage will be skipped. - Als een van de geselecteerde apparaattypen in deze periode is gebruikt, wordt deze fase overgeslagen. - Not configured action @@ -8187,6 +8182,30 @@ Bindingen naar groepen/gebruikers worden gecontroleerd tegen de gebruiker van de Optionally restrict which WebAuthn device types may be used. When no device types are selected, all devices are allowed. + + + If the user has successfully authenticated with a device in the classes listed above within this configured duration, this stage will be skipped. + + + WebAuthn-specific settings + + + WebAuthn Device type restrictions + + + This restriction only applies to devices created in authentik 2024.4 or later. + + + Default token duration + + + Default duration for generated tokens + + + Default token length + + + Default length of generated tokens diff --git a/web/xliff/pl.xlf b/web/xliff/pl.xlf index b5ff9a6e5f38..0ddf604b7880 100644 --- a/web/xliff/pl.xlf +++ b/web/xliff/pl.xlf @@ -3827,10 +3827,6 @@ doesn't pass when either or both of the selected options are equal or above the Last validation threshold Próg ostatniej walidacji - - If any of the devices user of the types selected above have been used within this duration, this stage will be skipped. - Jeśli którekolwiek z urządzeń wybranych powyżej typów zostało użyte w tym czasie, ten etap zostanie pominięty. - Not configured action Nie skonfigurowana akcja @@ -6608,6 +6604,30 @@ Bindings to groups/users are checked against the user of the event. Optionally restrict which WebAuthn device types may be used. When no device types are selected, all devices are allowed. + + + If the user has successfully authenticated with a device in the classes listed above within this configured duration, this stage will be skipped. + + + WebAuthn-specific settings + + + WebAuthn Device type restrictions + + + This restriction only applies to devices created in authentik 2024.4 or later. + + + Default token duration + + + Default duration for generated tokens + + + Default token length + + + Default length of generated tokens diff --git a/web/xliff/pseudo-LOCALE.xlf b/web/xliff/pseudo-LOCALE.xlf index 5a7cc3755277..9e5fdbc7e416 100644 --- a/web/xliff/pseudo-LOCALE.xlf +++ b/web/xliff/pseudo-LOCALE.xlf @@ -4886,11 +4886,6 @@ doesn't pass when either or both of the selected options are equal or above the Last validation threshold Ĺàśţ vàĺĩďàţĩōń ţĥŕēśĥōĺď - - - If any of the devices user of the types selected above have been used within this duration, this stage will be skipped. - Ĩƒ àńŷ ōƒ ţĥē ďēvĩćēś ũśēŕ ōƒ ţĥē ţŷƥēś śēĺēćţēď àƀōvē ĥàvē ƀēēń ũśēď ŵĩţĥĩń ţĥĩś ďũŕàţĩōń, ţĥĩś śţàĝē ŵĩĺĺ ƀē śķĩƥƥēď. - Not configured action @@ -8460,4 +8455,28 @@ Bindings to groups/users are checked against the user of the event. Optionally restrict which WebAuthn device types may be used. When no device types are selected, all devices are allowed. + + If the user has successfully authenticated with a device in the classes listed above within this configured duration, this stage will be skipped. + + + WebAuthn-specific settings + + + WebAuthn Device type restrictions + + + This restriction only applies to devices created in authentik 2024.4 or later. + + + Default token duration + + + Default duration for generated tokens + + + Default token length + + + Default length of generated tokens + diff --git a/web/xliff/tr.xlf b/web/xliff/tr.xlf index 80ba4a88b1ab..affeddc0b890 100644 --- a/web/xliff/tr.xlf +++ b/web/xliff/tr.xlf @@ -3694,9 +3694,6 @@ doesn't pass when either or both of the selected options are equal or above the Last validation threshold - - If any of the devices user of the types selected above have been used within this duration, this stage will be skipped. - Not configured action Yapılandırılmamış eylem @@ -6396,6 +6393,30 @@ Bindings to groups/users are checked against the user of the event. Optionally restrict which WebAuthn device types may be used. When no device types are selected, all devices are allowed. + + + If the user has successfully authenticated with a device in the classes listed above within this configured duration, this stage will be skipped. + + + WebAuthn-specific settings + + + WebAuthn Device type restrictions + + + This restriction only applies to devices created in authentik 2024.4 or later. + + + Default token duration + + + Default duration for generated tokens + + + Default token length + + + Default length of generated tokens diff --git a/web/xliff/zh-CN.xlf b/web/xliff/zh-CN.xlf index ffe8205a8eb5..fd9ccc27c625 100644 --- a/web/xliff/zh-CN.xlf +++ b/web/xliff/zh-CN.xlf @@ -3581,9 +3581,6 @@ doesn't pass when either or both of the selected options are equal or above the Last validation threshold - - If any of the devices user of the types selected above have been used within this duration, this stage will be skipped. - Not configured action @@ -5314,6 +5311,30 @@ Bindings to groups/users are checked against the user of the event. Optionally restrict which WebAuthn device types may be used. When no device types are selected, all devices are allowed. + + If the user has successfully authenticated with a device in the classes listed above within this configured duration, this stage will be skipped. + + + WebAuthn-specific settings + + + WebAuthn Device type restrictions + + + This restriction only applies to devices created in authentik 2024.4 or later. + + + Default token duration + + + Default duration for generated tokens + + + Default token length + + + Default length of generated tokens + diff --git a/web/xliff/zh-Hans.xlf b/web/xliff/zh-Hans.xlf index 7fecec80ed3b..f23f0b497780 100644 --- a/web/xliff/zh-Hans.xlf +++ b/web/xliff/zh-Hans.xlf @@ -1,4 +1,4 @@ - + @@ -596,9 +596,9 @@ - The URL "" was not found. - 未找到 URL " - "。 + The URL "" was not found. + 未找到 URL " + "。 @@ -1040,8 +1040,8 @@ - To allow any redirect URI, set this value to ".*". Be aware of the possible security implications this can have. - 要允许任何重定向 URI,请将此值设置为 ".*"。请注意这可能带来的安全影响。 + To allow any redirect URI, set this value to ".*". Be aware of the possible security implications this can have. + 要允许任何重定向 URI,请将此值设置为 ".*"。请注意这可能带来的安全影响。 @@ -1782,8 +1782,8 @@ - Either input a full URL, a relative path, or use 'fa://fa-test' to use the Font Awesome icon "fa-test". - 输入完整 URL、相对路径,或者使用 'fa://fa-test' 来使用 Font Awesome 图标 "fa-test"。 + Either input a full URL, a relative path, or use 'fa://fa-test' to use the Font Awesome icon "fa-test". + 输入完整 URL、相对路径,或者使用 'fa://fa-test' 来使用 Font Awesome 图标 "fa-test"。 @@ -2961,8 +2961,8 @@ doesn't pass when either or both of the selected options are equal or above the - Field which contains members of a group. Note that if using the "memberUid" field, the value is assumed to contain a relative distinguished name. e.g. 'memberUid=some-user' instead of 'memberUid=cn=some-user,ou=groups,...' - 包含组成员的字段。请注意,如果使用 "memberUid" 字段,则假定该值包含相对可分辨名称。例如,'memberUid=some-user' 而不是 'memberUid=cn=some-user,ou=groups,...' + Field which contains members of a group. Note that if using the "memberUid" field, the value is assumed to contain a relative distinguished name. e.g. 'memberUid=some-user' instead of 'memberUid=cn=some-user,ou=groups,...' + 包含组成员的字段。请注意,如果使用 "memberUid" 字段,则假定该值包含相对可分辨名称。例如,'memberUid=some-user' 而不是 'memberUid=cn=some-user,ou=groups,...' @@ -3739,8 +3739,8 @@ doesn't pass when either or both of the selected options are equal or above the - When using an external logging solution for archiving, this can be set to "minutes=5". - 使用外部日志记录解决方案进行存档时,可以将其设置为 "minutes=5"。 + When using an external logging solution for archiving, this can be set to "minutes=5". + 使用外部日志记录解决方案进行存档时,可以将其设置为 "minutes=5"。 @@ -3916,10 +3916,10 @@ doesn't pass when either or both of the selected options are equal or above the - Are you sure you want to update ""? + Are you sure you want to update ""? 您确定要更新 - " - " 吗? + " + " 吗? @@ -4918,11 +4918,6 @@ doesn't pass when either or both of the selected options are equal or above the Last validation threshold 上次验证阈值 - - - If any of the devices user of the types selected above have been used within this duration, this stage will be skipped. - 如果上面所选类型的任意设备在此期限内被使用,此阶段会被跳过。 - Not configured action @@ -5000,7 +4995,7 @@ doesn't pass when either or both of the selected options are equal or above the - A "roaming" authenticator, like a YubiKey + A "roaming" authenticator, like a YubiKey 像 YubiKey 这样的“漫游”身份验证器 @@ -5335,10 +5330,10 @@ doesn't pass when either or both of the selected options are equal or above the - ("", of type ) + ("", of type ) - (" - ",类型为 + (" + ",类型为 @@ -5387,7 +5382,7 @@ doesn't pass when either or both of the selected options are equal or above the - If set to a duration above 0, the user will have the option to choose to "stay signed in", which will extend their session by the time specified here. + If set to a duration above 0, the user will have the option to choose to "stay signed in", which will extend their session by the time specified here. 如果设置时长大于 0,用户可以选择“保持登录”选项,这将使用户的会话延长此处设置的时间。 @@ -7839,7 +7834,7 @@ Bindings to groups/users are checked against the user of the event. 成功创建用户并添加到组 - This user will be added to the group "". + This user will be added to the group "". 此用户将会被添加到组 ""。 @@ -8539,7 +8534,39 @@ Bindings to groups/users are checked against the user of the event. Optionally restrict which WebAuthn device types may be used. When no device types are selected, all devices are allowed. 可选的 WebAuthn 可用设备类型限制。如果未选择设备类型,则允许所有设备。 + + + If the user has successfully authenticated with a device in the classes listed above within this configured duration, this stage will be skipped. + 如果用户在配置的持续时间内通过上面列出类别中的设备验证身份成功,则跳过此阶段。 + + + WebAuthn-specific settings + WebAuthn 特定设置 + + + WebAuthn Device type restrictions + WebAuthn 设备类型限制 + + + This restriction only applies to devices created in authentik 2024.4 or later. + 此限制仅适用于在 authentik 2024.4 或更新版本中创建的设备。 + + + Default token duration + 默认令牌持续时间 + + + Default duration for generated tokens + 生成令牌的默认持续时间 + + + Default token length + 默认令牌长度 + + + Default length of generated tokens + 生成令牌的默认长度 - + \ No newline at end of file diff --git a/web/xliff/zh-Hant.xlf b/web/xliff/zh-Hant.xlf index 917771ecd6e6..c63b27d36f46 100644 --- a/web/xliff/zh-Hant.xlf +++ b/web/xliff/zh-Hant.xlf @@ -3724,9 +3724,6 @@ doesn't pass when either or both of the selected options are equal or above the Last validation threshold - - If any of the devices user of the types selected above have been used within this duration, this stage will be skipped. - Not configured action 未配置操作 @@ -6444,6 +6441,30 @@ Bindings to groups/users are checked against the user of the event. Optionally restrict which WebAuthn device types may be used. When no device types are selected, all devices are allowed. + + + If the user has successfully authenticated with a device in the classes listed above within this configured duration, this stage will be skipped. + + + WebAuthn-specific settings + + + WebAuthn Device type restrictions + + + This restriction only applies to devices created in authentik 2024.4 or later. + + + Default token duration + + + Default duration for generated tokens + + + Default token length + + + Default length of generated tokens diff --git a/web/xliff/zh_CN.xlf b/web/xliff/zh_CN.xlf index 1c87ecf6d392..3aca8f9d3e08 100644 --- a/web/xliff/zh_CN.xlf +++ b/web/xliff/zh_CN.xlf @@ -4918,11 +4918,6 @@ doesn't pass when either or both of the selected options are equal or above the Last validation threshold 上次验证阈值 - - - If any of the devices user of the types selected above have been used within this duration, this stage will be skipped. - 如果上面所选类型的任意设备在此期限内被使用,此阶段会被跳过。 - Not configured action @@ -8539,6 +8534,38 @@ Bindings to groups/users are checked against the user of the event. Optionally restrict which WebAuthn device types may be used. When no device types are selected, all devices are allowed. 可选的 WebAuthn 可用设备类型限制。如果未选择设备类型,则允许所有设备。 + + + If the user has successfully authenticated with a device in the classes listed above within this configured duration, this stage will be skipped. + 如果用户在配置的持续时间内通过上面列出类别中的设备验证身份成功,则跳过此阶段。 + + + WebAuthn-specific settings + WebAuthn 特定设置 + + + WebAuthn Device type restrictions + WebAuthn 设备类型限制 + + + This restriction only applies to devices created in authentik 2024.4 or later. + 此限制仅适用于在 authentik 2024.4 或更新版本中创建的设备。 + + + Default token duration + 默认令牌持续时间 + + + Default duration for generated tokens + 生成令牌的默认持续时间 + + + Default token length + 默认令牌长度 + + + Default length of generated tokens + 生成令牌的默认长度 diff --git a/web/xliff/zh_TW.xlf b/web/xliff/zh_TW.xlf index 398cc40220b5..20469c5e6f0c 100644 --- a/web/xliff/zh_TW.xlf +++ b/web/xliff/zh_TW.xlf @@ -4876,11 +4876,6 @@ doesn't pass when either or both of the selected options are equal or above the Last validation threshold 最後驗證的時間閾值 - - - If any of the devices user of the types selected above have been used within this duration, this stage will be skipped. - 如果上述選擇的任何裝置類型在此時長內被使用過,則將跳過此階段。 - Not configured action @@ -8305,6 +8300,30 @@ Bindings to groups/users are checked against the user of the event. Optionally restrict which WebAuthn device types may be used. When no device types are selected, all devices are allowed. + + + If the user has successfully authenticated with a device in the classes listed above within this configured duration, this stage will be skipped. + + + WebAuthn-specific settings + + + WebAuthn Device type restrictions + + + This restriction only applies to devices created in authentik 2024.4 or later. + + + Default token duration + + + Default duration for generated tokens + + + Default token length + + + Default length of generated tokens diff --git a/website/developer-docs/blueprints/v1/tags.md b/website/developer-docs/blueprints/v1/tags.md index 79edbdca3d9d..045092274ba6 100644 --- a/website/developer-docs/blueprints/v1/tags.md +++ b/website/developer-docs/blueprints/v1/tags.md @@ -2,7 +2,11 @@ #### `!KeyOf` -Example: `policy: !KeyOf my-policy-id` +Example: + +```yaml +policy: !KeyOf my-policy-id +``` Resolves to the primary key of the model instance defined by id _my-policy-id_. @@ -10,7 +14,11 @@ If no matching entry can be found, an error is raised and the blueprint is inval #### `!Env` -Example: `password: !Env my_env_var` +Example: + +```yaml +password: !Env my_env_var +``` Returns the value of the given environment variable. Can be used as a scalar with `!Env my_env_var, default` to return a default value. @@ -18,16 +26,16 @@ Returns the value of the given environment variable. Can be used as a scalar wit Examples: -`configure_flow: !Find [authentik_flows.flow, [slug, default-password-change]]` - +```yaml +configure_flow: !Find [authentik_flows.flow, [slug, default-password-change]] ``` -configure_flow: !Find [ - authentik_flows.flow, - [ - !Context property_name, - !Context property_value - ] -] + +```yaml +configure_flow: + !Find [ + authentik_flows.flow, + [!Context property_name, !Context property_value], + ] ``` Looks up any model and resolves to the the matches' primary key. @@ -35,13 +43,21 @@ First argument is the model to be queried, remaining arguments are expected to b #### `!Context` -Example: `configure_flow: !Context foo` +Example: + +```yaml +configure_flow: !Context foo +``` Find values from the context. Can optionally be called with a default like `!Context [foo, default-value]`. #### `!Format` -Example: `name: !Format [my-policy-%s, !Context instance_name]` +Example: + +```yaml +name: !Format [my-policy-%s, !Context instance_name] +``` Format a string using python's % formatting. First argument is the format string, any remaining arguments are used for formatting. @@ -63,26 +79,25 @@ required: !If [true, true, false] Full example: -``` +```yaml attributes: !If [ - !Condition [...], # Or any valid YAML or custom tag. Evaluated as boolean in Python - { # When condition evaluates to true - dictionary: + !Condition [...], # Or any valid YAML or custom tag. Evaluated as boolean in Python { - with: - { - keys: "and_values" - }, - and_nested_custom_tags: !Format ["foo-%s", !Context foo] - } - }, - [ # When condition evaluates to false - list, - with, - items, - !Format ["foo-%s", !Context foo] + # When condition evaluates to true + dictionary: + { + with: { keys: "and_values" }, + and_nested_custom_tags: !Format ["foo-%s", !Context foo], + }, + }, + [ + # When condition evaluates to false + list, + with, + items, + !Format ["foo-%s", !Context foo], + ], ] -] ``` Conditionally add YAML to a blueprint. @@ -95,11 +110,13 @@ The second argument is used when the condition is `true`, and the third - when ` Minimal example: -`required: !Condition [OR, true]` +```yaml +required: !Condition [OR, true] +``` Full example: -``` +```yaml required: !Condition [ AND, # Valid modes are: AND, NAND, OR, NOR, XOR, XNOR !Context instance_name, @@ -124,7 +141,7 @@ These tags collectively make it possible to iterate over objects which support i This tag takes 3 arguments: -``` +```yaml !Enumerate [, , ] ``` @@ -140,7 +157,7 @@ This tag is only valid inside an `!Enumerate` tag This tag takes 1 argument: -``` +```yaml !Index ``` @@ -158,7 +175,7 @@ This tag is only valid inside an `!Enumerate` tag This tag takes 1 argument: -``` +```yaml !Value ``` @@ -170,41 +187,54 @@ For example, given a sequence like this - `["a", "b", "c"]`, this tag will resol Minimal examples: -``` +```yaml configuration_stages: !Enumerate [ - !Context map_of_totp_stage_names_and_types, - SEQ, # Output a sequence - !Find [!Format ["authentik_stages_authenticator_%s.authenticator%sstage", !Index 0, !Index 0], [name, !Value 0]] # The value of each item in the sequence -] + !Context map_of_totp_stage_names_and_types, + SEQ, # Output a sequence + !Find [ + !Format [ + "authentik_stages_authenticator_%s.authenticator%sstage", + !Index 0, + !Index 0, + ], + [name, !Value 0], + ], # The value of each item in the sequence + ] ``` The above example will resolve to something like this: -``` +```yaml configuration_stages: -- !Find [authentik_stages_authenticator_.authenticatorstage, [name, ]] -- !Find [authentik_stages_authenticator_.authenticatorstage, [name, ]] + - !Find [ + authentik_stages_authenticator_.authenticatorstage, + [name, ], + ] + - !Find [ + authentik_stages_authenticator_.authenticatorstage, + [name, ], + ] ``` Similarly, a mapping can be generated like so: -``` +```yaml example: !Enumerate [ - !Context list_of_totp_stage_names, - MAP, # Output a map - [ - !Index 0, # The key to assign to each entry - !Value 0, # The value to assign to each entry + !Context list_of_totp_stage_names, + MAP, # Output a map + [ + !Index 0, # The key to assign to each entry + !Value 0, # The value to assign to each entry + ], ] -] ``` The above example will resolve to something like this: -``` +```yaml example: - 0: - 1: + 0: + 1: ``` Full example: @@ -213,32 +243,38 @@ Full example: Note that an `!Enumeration` tag's iterable can never be an `!Item` or `!Value` tag with a depth of `0`. Minimum depth allowed is `1`. This is because a depth of `0` refers to the `!Enumeration` tag the `!Item` or `!Value` tag is in, and an `!Enumeration` tag cannot iterate over itself. ::: -``` +```yaml example: !Enumerate [ - !Context sequence, # ["foo", "bar"] - MAP, # Output a map - [ - !Index 0, # Use the indexes of the items in the sequence as keys - !Enumerate [ # Nested enumeration - # Iterate over each item of the parent enumerate tag. - # Notice depth is 1, not 0, since we are inside the nested enumeration tag! - !Value 1, - SEQ, # Output a sequence - !Format ["%s: (index: %d, letter: %s)", !Value 1, !Index 0, !Value 0] - ] + !Context sequence, # ["foo", "bar"] + MAP, # Output a map + [ + !Index 0, # Use the indexes of the items in the sequence as keys + !Enumerate [ + # Nested enumeration + # Iterate over each item of the parent enumerate tag. + # Notice depth is 1, not 0, since we are inside the nested enumeration tag! + !Value 1, + SEQ, # Output a sequence + !Format [ + "%s: (index: %d, letter: %s)", + !Value 1, + !Index 0, + !Value 0, + ], + ], + ], ] -] ``` The above example will resolve to something like this: -``` -'0': -- 'foo: (index: 0, letter: f)' -- 'foo: (index: 1, letter: o)' -- 'foo: (index: 2, letter: o)' -'1': -- 'bar: (index: 0, letter: b)' -- 'bar: (index: 1, letter: a)' -- 'bar: (index: 2, letter: r)' +```yaml +"0": + - "foo: (index: 0, letter: f)" + - "foo: (index: 1, letter: o)" + - "foo: (index: 2, letter: o)" +"1": + - "bar: (index: 0, letter: b)" + - "bar: (index: 1, letter: a)" + - "bar: (index: 2, letter: r)" ``` diff --git a/website/docs/core/certificates.md b/website/docs/core/certificates.md index 82eddf73e0a4..282dcc6d558d 100644 --- a/website/docs/core/certificates.md +++ b/website/docs/core/certificates.md @@ -42,7 +42,7 @@ You can also bind mount single files into the folder, as long as they fall under - Files can be in any arbitrary file structure, and can have any extension. - If the path contains `archive`, the files will be ignored (to better support certbot setups). -``` +```shell certs/ ├── baz │   └── bar.baz diff --git a/website/docs/installation/kubernetes.md b/website/docs/installation/kubernetes.md index 1dbfa8267997..12e739c1fafd 100644 --- a/website/docs/installation/kubernetes.md +++ b/website/docs/installation/kubernetes.md @@ -21,7 +21,7 @@ You can also [view a video walk-through](https://www.youtube.com/watch?v=O1qUbrk Start by generating passwords for the database and cache. You can use either of the following commands: -``` +```shell pwgen -s 50 1 openssl rand -base64 36 ``` @@ -62,7 +62,7 @@ See all configurable values on [ArtifactHub](https://artifacthub.io/packages/hel Now, execute the following commands to install authentik: -``` +```shell helm repo add authentik https://charts.goauthentik.io helm repo update helm upgrade --install authentik authentik/authentik -f values.yaml diff --git a/website/docs/providers/ldap/generic_setup.md b/website/docs/providers/ldap/generic_setup.md index c756824aa8f9..6e1ba907475d 100644 --- a/website/docs/providers/ldap/generic_setup.md +++ b/website/docs/providers/ldap/generic_setup.md @@ -74,14 +74,14 @@ Test connectivity by using ldapsearch. :::info ldapsearch can be installed on Linux system with these commands -``` +```shell sudo apt-get install ldap-utils -y # Debian-based systems sudo yum install openldap-clients -y # CentOS-based systems ``` ::: -``` +```shell ldapsearch \ -x \ -H ldap://: \ # In production it is recommended to use SSL, which also requires `ldaps://` as the protocol and the SSL port diff --git a/website/docs/providers/proxy/_nginx_proxy_manager.md b/website/docs/providers/proxy/_nginx_proxy_manager.md index 3667cf967999..58a12c2ac34e 100644 --- a/website/docs/providers/proxy/_nginx_proxy_manager.md +++ b/website/docs/providers/proxy/_nginx_proxy_manager.md @@ -1,6 +1,10 @@ -For Nginx Proxy Manager you can use this snippet - ``` +# Upgrade WebSocket if requested, otherwise use keepalive +map $http_upgrade $connection_upgrade_keepalive { + default upgrade; + '' ''; +} + # Increase buffer size for large headers # This is needed only if you get 'upstream sent too big header while reading response # header from upstream' error when trying to access an application protected by goauthentik @@ -16,6 +20,9 @@ location / { # Set any other headers your application might need # proxy_set_header Host $host; # proxy_set_header ... + # Support for websocket + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $connection_upgrade_keepalive; ############################## # authentik-specific config diff --git a/website/docs/providers/proxy/_nginx_standalone.md b/website/docs/providers/proxy/_nginx_standalone.md index c7cace7fa380..780274b6fd2c 100644 --- a/website/docs/providers/proxy/_nginx_standalone.md +++ b/website/docs/providers/proxy/_nginx_standalone.md @@ -1,4 +1,10 @@ ``` +# Upgrade WebSocket if requested, otherwise use keepalive +map $http_upgrade $connection_upgrade_keepalive { + default upgrade; + '' ''; +} + server { # SSL and VHost configuration listen 443 ssl http2; @@ -18,6 +24,9 @@ server { # proxy_pass http://localhost:5000; # proxy_set_header Host $host; # proxy_set_header ... + # Support for websocket + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $connection_upgrade_keepalive; ############################## # authentik-specific config diff --git a/website/docs/releases/2023/v2023.10.md b/website/docs/releases/2023/v2023.10.md index 04760aa74abc..fe2bd54a22df 100644 --- a/website/docs/releases/2023/v2023.10.md +++ b/website/docs/releases/2023/v2023.10.md @@ -43,7 +43,7 @@ This release does not introduce any new requirements. To upgrade, download the new docker-compose file and update the Docker stack with the new version, using these commands: -``` +```shell wget -O docker-compose.yml https://goauthentik.io/version/2023.10/docker-compose.yml docker-compose up -d ``` diff --git a/website/docs/releases/2023/v2023.5.md b/website/docs/releases/2023/v2023.5.md index 047bb1818dd5..802a125d4449 100644 --- a/website/docs/releases/2023/v2023.5.md +++ b/website/docs/releases/2023/v2023.5.md @@ -41,7 +41,7 @@ This release does not introduce any new requirements. To upgrade, download the new docker-compose file and update the Docker stack with the new version, using these commands: -``` +```shell wget -O docker-compose.yml https://goauthentik.io/version/2023.5/docker-compose.yml docker-compose up -d ``` diff --git a/website/docs/releases/2023/v2023.6.md b/website/docs/releases/2023/v2023.6.md index 74971855ecdc..cc0fe34fda26 100644 --- a/website/docs/releases/2023/v2023.6.md +++ b/website/docs/releases/2023/v2023.6.md @@ -27,7 +27,7 @@ This release does not introduce any new requirements. To upgrade, download the new docker-compose file and update the Docker stack with the new version, using these commands: -``` +```shell wget -O docker-compose.yml https://goauthentik.io/version/2023.6/docker-compose.yml docker-compose up -d ``` diff --git a/website/docs/releases/2023/v2023.8.md b/website/docs/releases/2023/v2023.8.md index d41cf2eca65a..2a62ca456c76 100644 --- a/website/docs/releases/2023/v2023.8.md +++ b/website/docs/releases/2023/v2023.8.md @@ -39,7 +39,7 @@ This release changes the PostgreSQL dependency to require Version 12 or later, w To upgrade, download the new docker-compose file and update the Docker stack with the new version, using these commands: -``` +```shell wget -O docker-compose.yml https://goauthentik.io/version/2023.8/docker-compose.yml docker-compose up -d ``` diff --git a/website/docs/releases/2024/next.md b/website/docs/releases/2024/next.md index 214e60930bce..2dbd959be0fe 100644 --- a/website/docs/releases/2024/next.md +++ b/website/docs/releases/2024/next.md @@ -35,7 +35,7 @@ This release does not introduce any new requirements. To upgrade, download the new docker-compose file and update the Docker stack with the new version, using these commands: -``` +```shell wget -O docker-compose.yml https://goauthentik.io/version/xxxx.x/docker-compose.yml docker compose up -d ``` diff --git a/website/docs/releases/2024/v2024.2.md b/website/docs/releases/2024/v2024.2.md index dc08d21bbdb4..4f7675fd53ac 100644 --- a/website/docs/releases/2024/v2024.2.md +++ b/website/docs/releases/2024/v2024.2.md @@ -178,7 +178,7 @@ This release does not introduce any new requirements, but contains some breaking To upgrade, download the new docker-compose file and update the Docker stack with the new version, using these commands: -``` +```shell wget -O docker-compose.yml https://goauthentik.io/version/2024.2/docker-compose.yml docker compose up -d ``` diff --git a/website/docs/releases/_template.md b/website/docs/releases/_template.md index 01b65ea06a4f..899529d7150a 100644 --- a/website/docs/releases/_template.md +++ b/website/docs/releases/_template.md @@ -15,7 +15,7 @@ This release does not introduce any new requirements. To upgrade, download the new docker-compose file and update the Docker stack with the new version, using these commands: -``` +```shell wget -O docker-compose.yml https://goauthentik.io/version/xxxx.x/docker-compose.yml docker compose up -d ``` diff --git a/website/docs/releases/old/v0.10.md b/website/docs/releases/old/v0.10.md index 762268dd3cad..e101731ceb66 100644 --- a/website/docs/releases/old/v0.10.md +++ b/website/docs/releases/old/v0.10.md @@ -42,7 +42,7 @@ By default, the new compose file uses a fixed version to prevent unintended upda Before updating the file, stop all containers. Then download the file, pull the new containers and start the database. -``` +```shell docker-compose down docker-compose pull docker-compose up --no-start diff --git a/website/docs/releases/old/v0.13.md b/website/docs/releases/old/v0.13.md index 881da79eb2a6..d778d19a9426 100644 --- a/website/docs/releases/old/v0.13.md +++ b/website/docs/releases/old/v0.13.md @@ -39,7 +39,7 @@ The only manual change you have to do is replace the `PASSBOOK_` prefix in your Additionally, the database name and username have to be changed, so add this block to your `.env` file: -``` +```shell PG_USER=passbook PG_DB=passbook ``` @@ -50,7 +50,7 @@ Afterwards, you can simply run `docker-compose up -d` and then the normal upgrad The helm repository changes from passbook to authentik. To update your repository, execute these commands: -``` +```shell helm repo remove passbook helm repo add authentik https://docker.beryju.org/chartrepo/authentik ``` @@ -68,7 +68,7 @@ postgresql: Afterwards you can upgrade as usual from the new repository: -``` +```shell helm upgrade authentik authentik/authentik --devel -f values.yaml ``` diff --git a/website/docs/releases/old/v0.9.md b/website/docs/releases/old/v0.9.md index cbc2cca678b6..6972e80891a4 100644 --- a/website/docs/releases/old/v0.9.md +++ b/website/docs/releases/old/v0.9.md @@ -9,14 +9,14 @@ To export data from your old instance, run this command: - docker-compose -``` +```shell docker-compose exec server ./manage.py dumpdata -o /tmp/authentik_dump.json authentik_core.User authentik_core.Group authentik_crypto.CertificateKeyPair authentik_audit.Event otp_totp.totpdevice otp_static.staticdevice otp_static.statictoken docker cp authentik_server_1:/tmp/authentik_dump.json authentik_dump.json ``` - kubernetes -``` +```shell kubectl exec -it authentik-web-... -- ./manage.py dumpdata -o /tmp/authentik_dump.json authentik_core.User authentik_core.Group authentik_crypto.CertificateKeyPair authentik_audit.Event otp_totp.totpdevice otp_static.staticdevice otp_static.statictoken kubectl cp authentik-web-...:/tmp/authentik_dump.json authentik_dump.json ``` @@ -25,14 +25,14 @@ After that, create a new authentik instance in a different namespace (kubernetes - docker-compose -``` +```shell docker cp authentik_dump.json new_authentik_server_1:/tmp/authentik_dump.json docker-compose exec server ./manage.py loaddata /tmp/authentik_dump.json ``` - kubernetes -``` +```shell kubectl cp authentik_dump.json authentik-web-...:/tmp/authentik_dump.json kubectl exec -it authentik-web-... -- ./manage.py loaddata /tmp/authentik_dump.json ``` diff --git a/website/docs/troubleshooting/emails.md b/website/docs/troubleshooting/emails.md index d6ed9c1f5eeb..6a6dd9146cbe 100644 --- a/website/docs/troubleshooting/emails.md +++ b/website/docs/troubleshooting/emails.md @@ -8,7 +8,7 @@ Some hosting providers block outgoing SMTP ports, in which case you'll have to h To test if an email stage, or the global email settings are configured correctly, you can run the following command: -``` +```shell ak test_email [-S ] ``` @@ -16,12 +16,12 @@ If you omit the `-S` parameter, the email will be sent using the global settings To run this command with docker-compose, use -``` +```shell docker compose exec worker ak test_email [...] ``` To run this command with Kubernetes, use -``` +```shell kubectl exec -it deployment/authentik-worker -c authentik -- ak test_email [...] ``` diff --git a/website/docs/troubleshooting/ldap_source.md b/website/docs/troubleshooting/ldap_source.md index 04ca17232244..9b322cc45c2c 100644 --- a/website/docs/troubleshooting/ldap_source.md +++ b/website/docs/troubleshooting/ldap_source.md @@ -4,24 +4,24 @@ title: Troubleshooting LDAP Synchronization To troubleshoot LDAP sources, you can run the command below to run a synchronization in the foreground and see any errors or warnings that might happen directly -``` +```shell docker compose run --rm worker ldap_sync *slug of the source* ``` or, for Kubernetes, run -``` +```shell kubectl exec -it deployment/authentik-worker -c authentik -- ak ldap_sync *slug of the source* ``` Starting with authentik 2023.10, you can also run command below to explicitly check the connectivity to the configured LDAP Servers: -``` +```shell docker compose run --rm worker ldap_check_connection *slug of the source* ``` or, for Kubernetes, run -``` +```shell kubectl exec -it deployment/authentik-worker -c authentik -- ak ldap_check_connection *slug of the source* ``` diff --git a/website/docs/troubleshooting/login.md b/website/docs/troubleshooting/login.md index 31f1420b7066..49b40371c5ab 100644 --- a/website/docs/troubleshooting/login.md +++ b/website/docs/troubleshooting/login.md @@ -10,19 +10,19 @@ This recovery key will give whoever has the link direct access to your instances To create the key, run the following command: -``` +```shell docker compose run --rm server create_recovery_key 10 akadmin ``` For Kubernetes, run -``` +```shell kubectl exec -it deployment/authentik-worker -c authentik -- ak create_recovery_key 10 akadmin ``` or, for CLI, run -``` +```shell ak create_recovery_key 10 akadmin ``` diff --git a/website/docs/troubleshooting/missing_admin_group.md b/website/docs/troubleshooting/missing_admin_group.md index 632e63fb41f2..7fe015ba1920 100644 --- a/website/docs/troubleshooting/missing_admin_group.md +++ b/website/docs/troubleshooting/missing_admin_group.md @@ -6,12 +6,12 @@ If all of the Admin groups have been deleted, or misconfigured during sync, you Run the following command, where _username_ is the user you want to add to the newly created group: -``` +```shell docker compose run --rm server create_admin_group username ``` or, for Kubernetes, run -``` +```shell kubectl exec -it deployment/authentik-worker -c authentik -- ak create_admin_group username ``` diff --git a/website/docs/troubleshooting/missing_permission.md b/website/docs/troubleshooting/missing_permission.md index 713b58610e1a..d9c0ad5878cd 100644 --- a/website/docs/troubleshooting/missing_permission.md +++ b/website/docs/troubleshooting/missing_permission.md @@ -8,13 +8,13 @@ The error should be temporary and not occur after initial installation. If it does, you can run the following command to ensure all permissions exist: -``` +```shell docker compose run --rm worker repair_permissions ``` or, for Kubernetes, run -``` +```shell kubectl exec -it deployment/authentik-worker -c authentik -- ak repair_permissions ``` diff --git a/website/docs/user-group-role/user/invitations.md b/website/docs/user-group-role/user/invitations.md index e3e58f42e947..bbb8736b26e0 100644 --- a/website/docs/user-group-role/user/invitations.md +++ b/website/docs/user-group-role/user/invitations.md @@ -17,7 +17,7 @@ The fastest way to create an invitation is to use our pre-defined `default-enrol To download the `default-enrollment-flow` file, run this command: -``` +```shell wget https://goauthentik.io/blueprints/example/flows-enrollment-2-stage.yaml ``` diff --git a/website/docs/user-group-role/user/user_ref.md b/website/docs/user-group-role/user/user_ref.md index 2288b072f2e7..6d0993978d37 100644 --- a/website/docs/user-group-role/user/user_ref.md +++ b/website/docs/user-group-role/user/user_ref.md @@ -93,11 +93,11 @@ underneath `additionalHeaders`: #### Example: -``` +```yaml additionalHeaders: - REMOTE-USER: joe.smith - REMOTE-EMAIL: joe@jsmith.com - REMOTE-NAME: Joseph + REMOTE-USER: joe.smith + REMOTE-EMAIL: joe@jsmith.com + REMOTE-NAME: Joseph ``` These headers will now be passed to the application when the user logs in. Most applications will need to be configured to accept these headers. Some examples of applications that can accept additional headers from an authentik Proxy Provider are [Grafana](https://grafana.com/docs/grafana/latest/auth/auth-proxy/) and [Tandoor Recipes](https://docs.tandoor.dev/features/authentication/). diff --git a/website/docusaurus.config.ts b/website/docusaurus.config.ts index 1be31ff6c47d..601d1c84a93f 100644 --- a/website/docusaurus.config.ts +++ b/website/docusaurus.config.ts @@ -1,6 +1,6 @@ -const fs = require("fs").promises; import type { Config } from "@docusaurus/types"; import type * as Preset from "@docusaurus/preset-classic"; +import { themes as prismThemes } from "prism-react-renderer"; module.exports = async function (): Promise { const remarkGithub = (await import("remark-github")).default; @@ -82,6 +82,8 @@ module.exports = async function (): Promise { indexName: "goauthentik", }, prism: { + theme: prismThemes.oneLight, + darkTheme: prismThemes.oneDark, additionalLanguages: ["python", "diff", "json"], }, }, diff --git a/website/integrations/services/jenkins/index.md b/website/integrations/services/jenkins/index.md index a8b4388ab4af..2652745d6c4a 100644 --- a/website/integrations/services/jenkins/index.md +++ b/website/integrations/services/jenkins/index.md @@ -20,7 +20,7 @@ The following placeholders will be used: Create an OAuth2/OpenID provider with the following parameters: - **Client Type**: `Confidential` -- Scopes: OpenID, Email and Profile +- **Scopes**: OpenID, Email and Profile - **Signing Key**: Select any available key Note the Client ID and Client Secret values for the provider. diff --git a/website/integrations/services/nextcloud/index.md b/website/integrations/services/nextcloud/index.md index 42d786ad5ff4..7eedc2285dff 100644 --- a/website/integrations/services/nextcloud/index.md +++ b/website/integrations/services/nextcloud/index.md @@ -138,6 +138,9 @@ Add a new provider using the `+` button and set the following values: You need to enable the "Use group provisioning" checkmark to be able to write to this field ::: - Use unique user ID: If you only have one provider you can uncheck this if you prefer. + :::tip + To avoid your group assignment being a hash value, deselect **Use unique user ID**. + ::: At this stage you should be able to login with SSO. diff --git a/website/integrations/services/pfsense/index.md b/website/integrations/services/pfsense/index.md index dd4003d2e1b4..5e28830c5adc 100644 --- a/website/integrations/services/pfsense/index.md +++ b/website/integrations/services/pfsense/index.md @@ -70,6 +70,7 @@ Change the following fields - Port value: 389 - Transport: Standard TCP - Base DN: `DC=ldap,DC=goauthentik,DC=io` +- Search Scope: Subtree - Authentication containers: `OU=users,DC=ldap,DC=goauthentik,DC=io` - Bind anonymous: **unticked** - Bind credentials: @@ -128,6 +129,7 @@ Change the following fields - Transport: SSL/TLS Encrypted - Peer Certificate Authority: `pfSense CA` - Base DN: `DC=ldap,DC=goauthentik,DC=io` +- Search Scope: Subtree - Authentication containers: `OU=users,DC=ldap,DC=goauthentik,DC=io` - Bind anonymous: **unticked** - Bind credentials: diff --git a/website/integrations/services/portainer/index.md b/website/integrations/services/portainer/index.md index e3dd940072ca..c574d8a84762 100644 --- a/website/integrations/services/portainer/index.md +++ b/website/integrations/services/portainer/index.md @@ -45,7 +45,7 @@ In Portainer, under _Settings_, _Authentication_, Select _OAuth_ and _Custom_ - Authorization URL: `https://authentik.company/application/o/authorize/` - Access Token URL: `https://authentik.company/application/o/token/` - Resource URL: `https://authentik.company/application/o/userinfo/` -- Redirect URL: `https://portainer.company` +- Redirect URL: `https://portainer.company/` - Logout URL: `https://authentik.company/application/o/portainer/end-session/` - User Identifier: `preferred_username` (Or `email` if you want to use email addresses as identifiers) - Scopes: `email openid profile` diff --git a/website/package-lock.json b/website/package-lock.json index 14b610376c35..0b6fb1571a2e 100644 --- a/website/package-lock.json +++ b/website/package-lock.json @@ -33,7 +33,7 @@ "@docusaurus/module-type-aliases": "3.2.1", "@docusaurus/tsconfig": "3.2.1", "@docusaurus/types": "3.2.1", - "@types/react": "^18.2.75", + "@types/react": "^18.2.77", "prettier": "3.2.5", "typescript": "~5.4.5" }, @@ -3902,9 +3902,9 @@ "integrity": "sha512-+0autS93xyXizIYiyL02FCY8N+KkKPhILhcUSA276HxzreZ16kl+cmwvV2qAM/PuCCwPXzOXOWhiPcw20uSFcA==" }, "node_modules/@types/react": { - "version": "18.2.75", - "resolved": "https://registry.npmjs.org/@types/react/-/react-18.2.75.tgz", - "integrity": "sha512-+DNnF7yc5y0bHkBTiLKqXFe+L4B3nvOphiMY3tuA5X10esmjqk7smyBZzbGTy2vsiy/Bnzj8yFIBL8xhRacoOg==", + "version": "18.2.77", + "resolved": "https://registry.npmjs.org/@types/react/-/react-18.2.77.tgz", + "integrity": "sha512-CUT9KUUF+HytDM7WiXKLF9qUSg4tGImwy4FXTlfEDPEkkNUzJ7rVFolYweJ9fS1ljoIaP7M7Rdjc5eUm/Yu5AA==", "dependencies": { "@types/prop-types": "*", "csstype": "^3.0.2" diff --git a/website/package.json b/website/package.json index a97566d5db94..16fdfb7be061 100644 --- a/website/package.json +++ b/website/package.json @@ -52,7 +52,7 @@ "@docusaurus/module-type-aliases": "3.2.1", "@docusaurus/tsconfig": "3.2.1", "@docusaurus/types": "3.2.1", - "@types/react": "^18.2.75", + "@types/react": "^18.2.77", "prettier": "3.2.5", "typescript": "~5.4.5" },