Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

sources/oauth: periodically update OAuth sources' OIDC configuration #7245

Merged
merged 2 commits into from
Oct 20, 2023
Merged

sources/oauth: periodically update OAuth sources' OIDC configuration #7245

merged 2 commits into from
Oct 20, 2023

Conversation

BeryJu
Copy link
Member

@BeryJu BeryJu commented Oct 20, 2023

Details

Periodically fetch OIDC configuration (and JWKS if set) and update the OAuth source based on that

Checklist

  • Local tests pass (ak test authentik/)
  • The code has been formatted (make lint-fix)

If an API change has been made

  • The API schema has been updated (make gen-build)

If changes to the frontend have been made

  • The code has been formatted (make web)
  • The translation files have been updated (make i18n-extract)

If applicable

  • The documentation has been updated
  • The documentation has been formatted (make website)

@BeryJu
sources/oauth: periodically update OAuth sources' OIDC configuration
a19003f 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
@BeryJu BeryJu requested a review from a team as a code owner October 20, 2023 12:24
@netlify
Copy link

netlify bot commented Oct 20, 2023
edited
Loading

Deploy Preview for authentik-storybook canceled.

Name Link
🔨 Latest commit d135d6a
🔍 Latest deploy log https://app.netlify.com/sites/authentik-storybook/deploys/653277326814c10008514221

@codecov
Copy link

codecov bot commented Oct 20, 2023
edited
Loading

Codecov Report

Attention: 14 lines in your changes are missing coverage. Please review.

Comparison is base (e0da3bf) 92.65% compared to head (d135d6a) 91.18%.
Report is 2 commits behind head on main.

Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #7245      +/-   ##
==========================================
- Coverage   92.65%   91.18%   -1.48%     
==========================================
  Files         584      587       +3     
  Lines       28766    28840      +74     
==========================================
- Hits        26654    26297     -357     
- Misses       2112     2543     +431
Flag Coverage Δ
e2e 50.96% <4.05%> (-0.14%) ⬇️
integration ?
unit 89.62% <81.08%> (-0.03%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

Files Coverage Δ
authentik/sources/oauth/settings.py 100.00% <100.00%> (ø)
authentik/sources/oauth/tests/test_tasks.py 100.00% <100.00%> (ø)
authentik/sources/oauth/tasks.py 72.54% <72.54%> (ø)

... and 20 files with indirect coverage changes

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@github-actions
Copy link
Contributor

github-actions bot commented Oct 20, 2023
edited
Loading

authentik PR Installation instructions

Instructions for docker-compose

Add the following block to your .env file:

AUTHENTIK_IMAGE=ghcr.io/goauthentik/dev-server
AUTHENTIK_TAG=gh-sources-oauth-update-config-1697812371-d135d6a
AUTHENTIK_OUTPOSTS__CONTAINER_IMAGE_BASE=ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s

For arm64, use these values:

AUTHENTIK_IMAGE=ghcr.io/goauthentik/dev-server
AUTHENTIK_TAG=gh-sources-oauth-update-config-1697812371-d135d6a-arm64
AUTHENTIK_OUTPOSTS__CONTAINER_IMAGE_BASE=ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s

Afterwards, run the upgrade commands from the latest release notes.

Instructions for Kubernetes

Add the following block to your values.yml file:

authentik:
    outposts:
        container_image_base: ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s
image:
    repository: ghcr.io/goauthentik/dev-server
    tag: gh-sources-oauth-update-config-1697812371-d135d6a

For arm64, use these values:

authentik:
    outposts:
        container_image_base: ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s
image:
    repository: ghcr.io/goauthentik/dev-server
    tag: gh-sources-oauth-update-config-1697812371-d135d6a-arm64

Afterwards, run the upgrade commands from the latest release notes.

@BeryJu
make monitored task
d135d6a 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
@BeryJu BeryJu force-pushed the sources/oauth/update-config branch from b496ab4 to d135d6a Compare October 20, 2023 12:48
@netlify
Copy link

netlify bot commented Oct 20, 2023
edited
Loading

Deploy Preview for authentik ready!

Name Link
🔨 Latest commit d135d6a
🔍 Latest deploy log https://app.netlify.com/sites/authentik/deploys/653277321ab72d0008398dc3
😎 Deploy Preview https://deploy-preview-7245--authentik.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.
Lighthouse
Lighthouse		 1 paths audited
Performance: 96 (no change from production)
Accessibility: 90 (no change from production)
Best Practices: 100 (no change from production)
SEO: 80 (no change from production)
PWA: -
View the detailed breakdown and full score reports

To edit notification comments on pull requests, go to your Netlify site configuration.

@BeryJu BeryJu merged commit 63c52fd into main Oct 20, 2023
@BeryJu BeryJu deleted the sources/oauth/update-config branch October 20, 2023 14:51
kensternberg-authentik added a commit that referenced this pull request Oct 20, 2023
@kensternberg-authentik
Merge branch 'main' into web/improve-email-button-labels
aa0f5e4 
* main:
  web: bump API Client version (#7246)
  sources/oauth: include default JWKS URLs for OAuth sources (#6992)
  sources/oauth: periodically update OAuth sources' OIDC configuration (#7245)
  website/blogs: Fix sso blog to remove 3rd reason (#7230)
  lifecycle: fix otp_merge migration again (#7244)
  web: bump core-js from 3.33.0 to 3.33.1 in /web (#7243)
  core: bump node from 20 to 21 (#7237)
  web: fix bad comment that was confusing lit-analyze (#7234)
  translate: Updates for file web/xliff/en.xlf in zh_CN (#7235)
  core: bump ruff from 0.1.0 to 0.1.1 (#7238)
  core: bump twilio from 8.9.1 to 8.10.0 (#7239)
  web: bump the storybook group in /web with 5 updates (#7240)
  web: bump the wdio group in /tests/wdio with 4 updates (#7241)
  translate: Updates for file web/xliff/en.xlf in zh-Hans (#7236)
kensternberg-authentik added a commit that referenced this pull request Oct 20, 2023
@kensternberg-authentik
Merge branch 'main' into web/theme-controller-2
e8edbdb 
* main:
  web: bump API Client version (#7246)
  sources/oauth: include default JWKS URLs for OAuth sources (#6992)
  sources/oauth: periodically update OAuth sources' OIDC configuration (#7245)
  website/blogs: Fix sso blog to remove 3rd reason (#7230)
  lifecycle: fix otp_merge migration again (#7244)
  web: bump core-js from 3.33.0 to 3.33.1 in /web (#7243)
  core: bump node from 20 to 21 (#7237)
  web: fix bad comment that was confusing lit-analyze (#7234)
  translate: Updates for file web/xliff/en.xlf in zh_CN (#7235)
  core: bump ruff from 0.1.0 to 0.1.1 (#7238)
  core: bump twilio from 8.9.1 to 8.10.0 (#7239)
  web: bump the storybook group in /web with 5 updates (#7240)
  web: bump the wdio group in /tests/wdio with 4 updates (#7241)
  translate: Updates for file web/xliff/en.xlf in zh-Hans (#7236)
  web: isolate clipboard handling (#7229)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@BeryJu