Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

root: deny unauthenticated websocket messages consumer #13308

Open
wants to merge 10 commits into
base: main
Choose a base branch
from
Open

root: deny unauthenticated websocket messages consumer #13308

wants to merge 10 commits into from

Conversation

rissson
Copy link
Member

@rissson rissson commented Feb 27, 2025
edited
Loading

Details

Needs #13297

Checklist

  • Local tests pass (ak test authentik/)
  • The code has been formatted (make lint-fix)

If an API change has been made

  • The API schema has been updated (make gen-build)

If changes to the frontend have been made

  • The code has been formatted (make web)

If applicable

  • The documentation has been updated
  • The documentation has been formatted (make website)

rissson and others added 10 commits February 27, 2025 14:49
@rissson
web/flow: remove websocket connection
516aa9d 
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
@rissson
Merge branch 'main' into flow-no-websocket
f03e56a
@rissson
wip
5e32840 
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
@rissson
I WROTE JS AND IT WORKED FIRST TIME
1f7a2d5 
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
@rissson
wip
bad8a8e 
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
@rissson
wip
5cc2bd5 
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
@rissson
fix-tests
ce6d76b 
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
@BeryJu @rissson
gen api for translate
2759b1c 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
@rissson
only send messages for stuff non-redirecting
42501f6 
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
@rissson
root: deny unauthenticated websocket messages consumer
7d40e00 
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
@rissson rissson requested review from a team as code owners February 27, 2025 19:31
@netlify Netlify
Copy link

netlify bot commented Feb 27, 2025
edited
Loading

Deploy Preview for authentik-storybook ready!

Name Link
🔨 Latest commit 7d40e00
🔍 Latest deploy log https://app.netlify.com/sites/authentik-storybook/deploys/67c0bdac75a5f40008dc4bf8
😎 Deploy Preview https://deploy-preview-13308--authentik-storybook.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify site configuration.

@netlify Netlify
Copy link

netlify bot commented Feb 27, 2025
edited
Loading

Deploy Preview for authentik-docs canceled.

Name Link
🔨 Latest commit 7d40e00
🔍 Latest deploy log https://app.netlify.com/sites/authentik-docs/deploys/67c0bdac01102f00087a81ec

@codecov Codecov
Copy link

codecov bot commented Feb 27, 2025
edited
Loading

Codecov Report

Attention: Patch coverage is 89.47368% with 2 lines in your changes missing coverage. Please review.

Project coverage is 92.71%. Comparing base (c24fd61) to head (7d40e00).
Report is 2 commits behind head on main.

✅ All tests successful. No failed tests found.

Files with missing lines Patch % Lines
authentik/root/messages/consumer.py 33.33% 2 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main   #13308      +/-   ##
==========================================
+ Coverage   92.66%   92.71%   +0.04%     
==========================================
  Files         793      793              
  Lines       40268    40277       +9     
==========================================
+ Hits        37315    37343      +28     
+ Misses       2953     2934      -19
Flag Coverage Δ
e2e 48.08% <63.15%> (+0.09%) ⬆️
integration 24.11% <36.84%> (+<0.01%) ⬆️
unit 90.43% <89.47%> (-0.01%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@rissson rissson changed the title web/flow: remove websocket connection root: deny unauthenticated websocket messages consumer Feb 27, 2025
@github-actions GitHub Actions
Copy link
Contributor

authentik PR Installation instructions

Instructions for docker-compose

Add the following block to your .env file:

AUTHENTIK_IMAGE=ghcr.io/goauthentik/dev-server
AUTHENTIK_TAG=gh-7d40e00263319fa0f5a76154dc274b25b49555db
AUTHENTIK_OUTPOSTS__CONTAINER_IMAGE_BASE=ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s

Afterwards, run the upgrade commands from the latest release notes.

Instructions for Kubernetes

Add the following block to your values.yml file:

authentik:
    outposts:
        container_image_base: ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s
global:
    image:
        repository: ghcr.io/goauthentik/dev-server
        tag: gh-7d40e00263319fa0f5a76154dc274b25b49555db

Afterwards, run the upgrade commands from the latest release notes.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@rissson @BeryJu