web/maintenance: eliminate the need for DEFAULT_CONFIG boilerplate everywhere#22892
Open
kensternberg-authentik wants to merge 32 commits into
Open
web/maintenance: eliminate the need for DEFAULT_CONFIG boilerplate everywhere#22892kensternberg-authentik wants to merge 32 commits into
kensternberg-authentik wants to merge 32 commits into
Conversation
window.authentik.flow = {
"layout": "{{ flow.layout }}",
+ "background": "{{ flow.background }}",
+ "title": "{{ flow.title }}",
};
Amends the `flow.html` template and `GlobalAuthentik` parser to include new parameters, `background` and `title`, in the flow-specific part of the configuration written to the HTML `<head>` object, and to provide those parameters to client code.
## Why
The `layout` is start-up critical: it tells the Flow interface how the admin wants the Flow page to look, and allows the HTML and CSS to be pre-aligned to that condition. `layout` is determined on a per-Flow bases, not a per-Stage basis; Flows are derived from a tuple of `(Brand, Application?)`, where the opening policy *may* direct a user to a different flow if the user reached authentik via a redirect from a specific application, but will otherwise fall back to the default Flow for the Brand.
The `background` is a field that is required if the `Flow`’s layout is of type `frame_background`; in this case, the part of the viewport not dedicated to the FlowExecutor is reserved for an `<iframe>` that will be filled in with whatever the administrator specifies. Although this gives it the same priority as `layout` (whether it’s provided or undefined) for describing the [chrome](https://developer.mozilla.org/en-US/docs/Glossary/Chrome) around a challenge, it is currently not provided to the application in the start-up config; it is provided in the `challenge` and renders the IFrame as part of the initial challenge.
This patch fixes that; if `layout` is provided, `background` ought to be as well, even if it’s empty. The execution of a Challenge ought not have any influence over the look and feel of the Flow-defined appearance *around* that Challenge.
I have added `title` as well; with that, all of the current theme-and-appearance related configuration details are placed into `<head>` and can be removed from the FlowExecutor.
Server-side, `background` is currently specified: `background = FileField(blank=True, default="")` which is … interesting since we also appear to store URLs in it. I don’t see anything in the FlowSerializer that would change that from a client’s point of view.
This patch furthers the effort to separate flow execution from flow presentation.
- \[🐰\] The code has been formatted (`make web`)
* main: (36 commits) website: fix typos (#20996) internal/outpost/ak: fix ws URL on outpost restart (#21041) sources/ldap: fix incorrect error response for invalid sync_users_password (#21016) website/docs: add missing dependencies for linux dev environment (#21020) core, web: update translations (#21021) web: bump flatted from 3.4.1 to 3.4.2 in /web (#21037) web: bump @sentry/browser from 10.44.0 to 10.45.0 in /web in the sentry group across 1 directory (#21022) website: bump flatted from 3.4.1 to 3.4.2 in /website (#21038) core: bump astral-sh/uv from 0.10.11 to 0.10.12 in /lifecycle/container (#21027) ci: bump actions-rust-lang/setup-rust-toolchain from 1.15.3 to 1.15.4 in /.github/actions/setup (#21030) ci: bump taiki-e/install-action from 2.68.26 to 2.69.2 in /.github/actions/setup (#21029) core: bump goauthentik/fips-debian from `7baeeaa` to `7726387` in /lifecycle/container (#21028) core: bump aws-cdk-lib from 2.243.0 to 2.244.0 (#21026) core: bump types-ldap3 from 2.9.13.20251121 to 2.9.13.20260319 (#21024) core: bump ruff from 0.15.6 to 0.15.7 (#21023) core: bump goauthentik/fips-python from `859ad57` to `bf45eb7` in /lifecycle/container (#21025) website/integrations: fix AWS SCIM with Identity Center (#21017) root: allow listening on multiple IPs (#20930) website: switch docs analytics to gtag (#20993) web: link file picker to docs (#20995) ...
* main: (22 commits) ci: rotate GH App private key (#21085) internal/web: remove authentication for metrics (#21077) lib/config: explicit some defaults (#21079) internal: remove unix sockets on shutdown (#21081) ci: fix escaping in cherry-pick action (#21082) lib/config: support printing multiple values (#21080) root: fix rust setup (#21078) core: bump types-docker from 7.1.0.20260109 to 7.1.0.20260322 (#21062) policies: remove BufferedPolicyAccessView leftovers (#21057) core: bump axllent/mailpit from v1.29.3 to v1.29.4 in /tests/e2e (#21061) core: bump types-channels from 4.3.0.20250822 to 4.3.0.20260321 (#21063) core: bump github.com/jackc/pgx/v5 from 5.8.0 to 5.9.1 (#21059) translate: Updates for project authentik and language fr_FR (#21056) ci: bump taiki-e/install-action from 2.69.2 to 2.69.6 in /.github/actions/setup (#21068) web: bump the storybook group across 1 directory with 5 updates (#21031) web: bump knip from 5.88.0 to 5.88.1 in /web (#21033) web: bump type-fest from 5.4.4 to 5.5.0 in /web (#21032) events: prevent exception when events contains incompatible unicode (#21048) web/admin: handle non-string values in formatUUID to prevent Event Log crash (#20804) events: avoid implicitly setting context from login_failed event (#21045) ...
* main: core: remove filter_not_expired for QS (#18274) tenants: fix default schema in initial migration (#21114) core: bump django-stubs[compatible-mypy] from 5.2.9 to 6.0.1 (#21099) core, web: update translations (#21097) lifecycle/aws: bump aws-cdk from 2.1112.0 to 2.1113.0 in /lifecycle/aws (#21098) core: bump types-requests from 2.32.4.20260107 to 2.32.4.20260324 (#21100) core: bump constructs from 10.5.1 to 10.6.0 (#21101) core: bump astral-sh/uv from 0.10.12 to 0.11.0 in /lifecycle/container (#21103) ci: bump taiki-e/install-action from 2.69.6 to 2.69.7 in /.github/actions/setup (#21104) web: bump flatted from 3.4.1 to 3.4.2 (#21076) core: bump goauthentik.io/api/v3 to 3.2026.5.0-rc1-1774286095 (#21089) core: bump cbor2 from 5.8.0 to 5.9.0 (#21094) ci: fix cherry-pick action generating empty title (#21091) web: bump the swc group across 1 directory with 11 updates (#21070) web: bump yaml from 2.8.2 to 2.8.3 in /web (#21071) core: add flag for future default behaviour of requiring a binding to access an application (#16247)
* main: (26 commits) endpoints/connectors: fix enabled flag not respected (#21144) web: bump vite from 7.3.1 to 8.0.2 in /web (#21109) website/docs: add a single page about our user interface, document Consent stage (#20533) website: bump the build group across 1 directory with 9 updates (#21127) web: bump knip from 5.88.1 to 6.0.5 in /web (#21129) core: bump drf-spectacular from 0.28.0 to 0.29.0 (#19420) packages/client-go: init (#21139) providers/proxy: Add a default maxResponseBodySize to Traefik Middleware (#21111) core: bump library/nginx from `dec7a90` to `7150b3a` in /website (#21137) core: bump gunicorn from 25.1.0 to 25.2.0 (#21134) core: bump github.com/getsentry/sentry-go from 0.43.0 to 0.44.1 (#21122) core: bump astral-sh/uv from 0.11.0 to 0.11.1 in /lifecycle/container (#21135) ci: bump taiki-e/install-action from 2.69.8 to 2.69.9 in /.github/actions/setup (#21136) web/a11y: Modals, Command Palette (Merge branch) (#17812) website/docs: document file picker values (#20994) packages/client-rust: init (#21117) core: bump sentry-sdk from 2.55.0 to 2.56.0 (#21124) events: add helper to log deprecation configuration_warning message (#21115) core: bump djangorestframework from 3.17.0 to 3.17.1 (#21126) core: bump twilio from 9.10.3 to 9.10.4 (#21123) ...
* main: (21 commits) root: cleanup API generation (#21172) packages/client-ts: init (#21120) core, web: update translations (#21159) website: bump @goauthentik/docusaurus-config from 2.5.1 to 2.6.0 in /website in the docusaurus group (#21161) core: bump cryptography from 46.0.5 to 46.0.6 (#21162) core: bump library/node from 25.8.1-trixie to 25.8.2-trixie in /website (#21163) ci: bump taiki-e/install-action from 2.69.9 to 2.69.10 in /.github/actions/setup (#21164) web: bump the goauthentik group across 1 directory with 3 updates (#21165) web: bump typescript from 5.9.3 to 6.0.2 in /web (#21107) web/flows: fix continuous flow leftovers (#21158) web: bump picomatch from 4.0.3 to 4.0.4 (#21157) web: bump yaml from 2.8.2 to 2.8.3 (#21156) website: bump picomatch in /website (#21155) web: bump smol-toml from 1.6.0 to 1.6.1 (#21154) web: bump picomatch from 2.3.1 to 2.3.2 in /web (#21153) web: bump smol-toml from 1.6.0 to 1.6.1 in /web (#21152) root: optimise api client generation speed (#21141) website/integrations: nextcloud add back-channel logout documentation (#21147) core: bump requests from 2.32.5 to 2.33.0 (#21146) web: bump chromedriver from 146.0.5 to 146.0.6 in /web (#21128) ...
* main: website/integrations: add OAUTH_AUTO_REDIRECT for karakeep (#21180) website/integrations: beszel: add email scope (#21176) web: lint/small type errors (#21179) packages/django-dramatiq-postgres: add index for (queue_name, state, eta) (#21175) root: add git attributes for generated/vendored (#21177) web: bump vite from 8.0.2 to 8.0.3 in /web (#21171) core, web: Vendored client follow-ups (#21174) website: Enable gtag in production (#21151)
* main: (52 commits) stages/authenticator_webauthn: save attestation certificate when creating credential (#20095) web/admin: fix missing icon on app view page (#21251) web/elements: allow table per-column options (#21250) ci: bump actions/setup-go from 6.3.0 to 6.4.0 (#21245) web: bump knip from 6.0.6 to 6.1.0 in /web (#21241) web: bump globby from 16.1.1 to 16.2.0 in /web (#21242) core: bump types-requests from 2.32.4.20260324 to 2.33.0.20260327 (#21236) core: bump types-docker from 7.1.0.20260322 to 7.1.0.20260328 (#21237) core: bump aws-cdk-lib from 2.244.0 to 2.245.0 (#21238) ci: bump int128/docker-manifest-create-action from 2.16.0 to 2.17.0 (#21244) ci: bump astral-sh/setup-uv from 7.6.0 to 8.0.0 in /.github/actions/setup (#21246) ci: bump taiki-e/install-action from 2.69.12 to 2.70.2 in /.github/actions/setup (#21247) ci: bump actions/setup-go from 6.3.0 to 6.4.0 in /.github/actions/setup (#21248) core, web: update translations (#21233) translate: Updates for project authentik and language fr_FR (#21214) web/admin: polish recent events, various button alignments and labels (#21232) outposts: Create separate metrics service in Kubernetes (#21229) events: fix exception in volume endpoint, adjust simple table size (#21230) core: Application stats, device events & cleanup (#21225) core: bump axllent/mailpit from v1.29.4 to v1.29.5 in /tests/e2e (#21226) ...
* main: translate: Updates for project authentik and language fr_FR (#21285) packages/django-postgres-cache: rework to use ORM (#17771) providers/saml: Fix redirect for saml slo (#21258) core: fix provider not nullable (#21275) website/docs: ad source: add note about ldap signing (#21274) website/api: update API clients doc (#21202) ci: bump taiki-e/install-action from 2.70.2 to 2.70.3 in /.github/actions/setup (#21267) lifecycle/aws: bump aws-cdk from 2.1114.1 to 2.1115.0 in /lifecycle/aws (#21265) core, web: update translations (#21264) packages/ak-lib: init (#21257) website/docs: document group_uuid as a property for group object (#20865) web/flow: extract lifecycle events peripheral to stage management into their own controllers (#20898) core: bump pygments from 2.19.2 to 2.20.0 (#21260) website/docs: add grafana dashboard (#21254)
* main: packages/django-postgres-cache: fix expiry and delete (#21307) website/docs: entra scim: add note about validator (#21273) core: bump djangorestframework-stubs[compatible-mypy] from 3.16.8 to 3.16.9 (#21294) web: bump @xmldom/xmldom from 0.8.11 to 0.8.12 in /web (#21301) blueprints: rework one-time import (#18074) lifecycle/aws: bump aws-cdk from 2.1115.0 to 2.1115.1 in /lifecycle/aws (#21293) core, web: update translations (#21288) core: bump sentry-sdk from 2.56.0 to 2.57.0 (#21295) core: bump aws-cdk-lib from 2.245.0 to 2.246.0 (#21296) stages/authenticator_webauthn: Update FIDO MDS3 & Passkey aaguid blobs (#21290) ci: bump getsentry/action-release from 3.5.0 to 3.6.0 (#21298) ci: bump taiki-e/install-action from 2.70.3 to 2.70.4 in /.github/actions/setup (#21299) website/docs: add example recovery flow with MFA (#19497) website/docs: format cache settings (#21289) source/saml: Add forceauthn to saml authnrequest (#20883)
* main: (26 commits) root: fix compose generation for patch releases release candidates (#21353) web: bump @swc/cli from 0.8.0 to 0.8.1 in /web in the swc group across 1 directory (#21300) providers/proxy: fix oidc client not using socket in embedded outpost (#21280) packages/client-rust: fix portable sed usage (#21337) packages/ak-common/tokio/proxy_procotol: init (#21311) packages/ak-common/config: init (#21256) core: bump beryju.io/ldap from 0.1.0 to 0.2.1 (#21235) web: bump @sentry/browser from 10.46.0 to 10.47.0 in /web in the sentry group across 1 directory (#21297) packages/ak-common/arbiter: init (#21253) website/docs: fix full dev setup ordering (#21332) core: bump types-docker from 7.1.0.20260328 to 7.1.0.20260402 (#21342) packages/ak-common: rename from ak-lib (#21314) root: fix rustfmt config (#21312) core: bump types-ldap3 from 2.9.13.20260319 to 2.9.13.20260402 (#21343) web: bump the bundler group across 1 directory with 4 updates (#21345) core: bump aiohttp from 3.13.3 to 3.13.4 (#21333) core, web: update translations (#21335) lifecycle/aws: bump aws-cdk from 2.1115.1 to 2.1116.0 in /lifecycle/aws (#21338) core: bump types-requests from 2.33.0.20260327 to 2.33.0.20260402 (#21339) core: bump django-stubs[compatible-mypy] from 6.0.1 to 6.0.2 (#21340) ...
* main: website/docs: Clean up PostgreSQL documentation (#21131)
* main: (58 commits) packages/ak-axum/error: init (#21315) packages/ak-axum: init (#21313) website: bump the build group across 1 directory with 9 updates (#21396) core: bump jwcrypto from 1.5.6 to 1.5.7 (#21423) web: bump fuse.js from 7.1.0 to 7.3.0 in /web (#21429) web: bump the bundler group across 1 directory with 3 updates (#21425) web: bump cspell from 9.7.0 to 10.0.0 (#21427) web: bump knip from 6.1.0 to 6.3.0 in /web (#21428) sources/ldap: Switch to new connection tracking, deprecated attribute-based connection (#21392) packages/ak-common/mode: init (#21259) packages/ak-common/tracing: init (#21263) web/admin: Improve WS-Fed algo selection logic (#20881) packages/ak-common/tls: init (#21262) packages/ak-common/config: add set helper for tests (#21356) tasks: allow retry for rejected tasks only (#21433) core, web: update translations (#21394) website/docs: clarify file upload troubleshooting (#21361) ci: bump aws-actions/configure-aws-credentials from 6.0.0 to 6.1.0 (#21424) core: bump uvicorn[standard] from 0.43.0 to 0.44.0 (#21422) ci: bump taiki-e/install-action from 2.73.0 to 2.74.0 in /.github/actions/setup (#21426) ...
* main: (38 commits) website/integrations: update FortiGate SSLVPN doc (#21475) ci: cache apt install (#21480) packages/ak-common: use imports where possible (#21478) packages/ak-axum/server: cleanup unix socket (#21477) packages/ak-common, ak-axum: improve logging (#21476) packages/ak-axum/extract/scheme: init (#21322) core: fix policy binding objects not being nullable (#21421) packages/ak-axum/extract/client_ip: init (#21321) translate: Updates for project authentik and language fr_FR (#21474) website: bump the docusaurus group in /website with 10 updates (#21452) packages/docusaurus-config: update config for docusaurus 3.10 (#21471) packages/ak-axum/extract/trusted_proxy: init (#21320) web: Fix duplicate Turnstile widgets after extended idle (#21380) packages/ak-axum/accept/proxy_protocol: init (#21319) web: bump chromedriver from 147.0.0 to 147.0.1 in /web (#21467) ci: fix `docker-push-variables` (#21470) core, web: update translations (#21450) docs,ci: fix main daily compose downloads + release template (#21448) web: bump the storybook group across 1 directory with 5 updates (#21460) core: bump cryptography from 46.0.6 to 46.0.7 (#21456) ...
* main: (36 commits) web/e2e: accept options in NavigatorFixture.waitForPathname (#21507) web/styles: switch to upstream RedHat variable fonts and brighten orange palette (#21509) web/styles: add ak-c-loading-skeleton CSS component (#21510) core, web: update translations (#21532) core: bump lxml from 6.0.2 to 6.0.3 (#21523) core: bump library/node from `45babd1` to `9707cd4` in /lifecycle/container (#21522) tasks: better error message for Retry exceptions (#18235) web/admin: fix user list avatar (#21531) core: bump django from v5.2.12 to 5.2.13 (#21520) core: add cooldown to dependabot (#21286) web/admin: include avatar in user list page (#21518) events: add index on Event.user.pk (#19576) ci: always run apt update (#21516) enterprise/search: move QL to open source] (#21484) core: add logging when session decode fails (#21514) website/docs: Refactor email configuration (#21130) core: bump types-ldap3 from 2.9.13.20260402 to 2.9.13.20260408 (#21493) packages/ak-common/db: init (#21357) packages/ak-axum/extract/host: init (#21323) web: bump knip from 6.3.0 to 6.3.1 in /web (#21505) ...
* main: (269 commits) root: fix rust build with uv-installed Python (#21858) core: add support for hiding applications from the user dashboard (#21530) core: bump ruff from 0.15.11 to 0.15.12 (#21871) packages/ak-axum/router: add X-Powered-By to all responses (#21940) core: bump microsoft-kiota-serialization-form from 1.9.8 to v1.10.1 (#21909) core: bump pytest-randomly from 4.0.1 to 4.1.0 (#21873) core: users/groups reduce number of database queries (#20431) core: bump types-channels from 4.3.0.20260408 to 4.3.0.20260421 (#21872) ci: bump taiki-e/install-action from 2.75.21 to 2.75.22 in /.github/actions/setup (#21877) core, web: update translations (#21870) sources/oauth: ensure user ID is returned as str (#21880) translate: Updates for project authentik and language no_NO (#21862) core: bump maxminddb from 3.0.0 to v3.1.1 (#21907) core: bump prometheus-client from 0.24.0 to v0.25.0 (#21919) core: bump azure-identity from 1.25.1 to v1.25.3 (#21886) core: bump aiohttp from 3.13.4 to v3.13.5 (#21882) core: bump anyio from 4.12.1 to v4.13.0 (#21883) core: bump asgiref from 3.11.0 to v3.11.1 (#21884) core: bump azure-core from 1.38.0 to v1.39.0 (#21885) core: bump blessed from 1.25.0 to v1.38.0 (#21887) ...
* main: web: bump knip from 6.6.0 to 6.6.3 in /web (#21981) packages/ak-common/tracing: make log level lowercase (#21991) root: only allow listen failure in dev (#21987) flows: preserve signed background URLs in CSS (#21868) core, web: update translations (#21966) core: fix search for app entitlements failing (#21944) ci: bump taiki-e/install-action from 2.75.22 to 2.75.23 in /.github/actions/setup (#21982) website/integrations: Refactor and cleanup GitHub Enterprise (#21685) web: Clear remember me before navigation. (#21647) web: bump knip from 6.4.1 to 6.6.0 in /web (#21957) core: bump github.com/getsentry/sentry-go from 0.45.1 to 0.46.0 (#21955) core: bump uvicorn[standard] from 0.44.0 to 0.45.0 (#21956) core: bump rustls from 0.23.39 to 0.23.40 (#21958) core: support hashed password in users API + automated install (#18686) core, web: update translations (#21952) providers/saml: generate issuer url when provider is set on app (#18022)
* main: web/admin: use bindings form for app entitlements (#22007) website/integrations: Add guide to integrate Technitium DNS with authentik (#21826) website/docs: clarify M2M scope requests (#21977) website/docs: clarify LDAP TLS verification (#21974) website/docs: clarify blueprint identifiers (#21976) website/docs: document promoted sources (#21979) lifecycle/aws: bump aws-cdk from 2.1118.4 to 2.1119.0 in /lifecycle/aws (#22001) web: bump the swc group across 1 directory with 11 updates (#22004) core: bump uvicorn[standard] from 0.45.0 to 0.46.0 (#22002) web: bump @sentry/browser from 10.49.0 to 10.50.0 in /web in the sentry group across 1 directory (#22003) ci: bump taiki-e/install-action from 2.75.23 to 2.75.25 in /.github/actions/setup (#22005) core: bump reqwest from 0.13.2 to 0.13.3 (#22006) stages/authenticator_webauthn: Update FIDO MDS3 & Passkey aaguid blobs (#21999) core, web: update translations (#21998) enterprise: account lockdown (#18615) enterprise/lifecycle: remove one review per object limitation (#21046)
* main: (36 commits) website/integrations: actual budget: add env var (#22036) website/docs: add webhook mapping examples (#21971) website/integrations: fix nextcloud LDAP group mapping (#21970) website/docs: preserve blueprint download filenames (#21969) web: Radio and Checkbox Input Revisions (#21792) providers/oauth: make rp init logout oidc certification changes (#21815) website/docs: document SCIM custom attributes (#21980) root: introduce allinone mode (#21990) website/docs: add SAML source mapping guidance (#21978) website/docs: fix misplaced AWS-LC clang warning (#22034) lifecycle/worker_process: fix healthchecks and metrics not reloading db connections after a failure (#21992) root: add more logging to worker requests (#21989) root/channels: use group_send_blocking where possible (#21993) core, web: update translations (#22014) translate: Updates for project authentik and language fr_FR (#22015) enterprise/providers/ssf: more conformance fixes (#21521) web/flows: update flow background (#22032) website/integrations: update NetBox OIDC config (#22018) web: bump @formatjs/intl-listformat from 8.3.2 to 8.3.4 in /web (#22026) web: bump knip from 6.6.3 to 6.7.0 in /web (#22027) ...
* main: (24 commits) root: update django to 5.2.14 (#22064) tenants: add option to mark flag as deprecated (#22063) web/stages: better wording for webauthn authenticator attachments options (#22062) web: bump vite from 8.0.8 to 8.0.10 in /web (#21842) api: set authenticated session user agent nullable properties (#22059) web/admin: redirect stage: adds mention of static url (#22060) web: bump axios from 1.15.0 to 1.16.0 in /web (#22058) providers/oauth2: override RedirectURITypeEnum capitalization for generated API (#22037) website/docs: document language settings (#21968) website/docs: document supported PostgreSQL versions (#21967) website: bump docusaurus-theme-openapi-docs from 5.0.1 to 5.0.2 in /website (#22052) web: bump the storybook group across 1 directory with 5 updates (#22024) revert: web: Consistent use of "User Dashboard" (#22038) (#22046) core: bump metrics-exporter-prometheus from 0.18.1 to 0.18.3 (#22057) core, web: update translations (#22047) core: bump cryptography from 47.0.0 to 48.0.0 (#22053) core: bump psycopg[c,pool] from 3.3.3 to 3.3.4 (#22054) ci: bump taiki-e/install-action from 2.75.28 to 2.75.29 in /.github/actions/setup (#22056) web: remove native fieldset borders from action groups (#21334) website/docs: document blueprint import options (#21973) ...
* main: root: ensure uv sync does not update uv.lock (#22084) core: bump dramatiq from 1.17.1 to 2.1.0 (#22076) web: Fix Vendored Lex package. Add Unit Tests (#22083) core, web: update translations (#22074) website: bump the build group in /website with 6 updates (#22075) web: bump ip-address from 10.1.0 to 10.2.0 in /web (#22082) web: bump the swc group across 1 directory with 11 updates (#22078) ci: bump taiki-e/install-action from 2.75.29 to 2.75.30 in /.github/actions/setup (#22077) web: bump country-flag-icons from 1.6.16 to 1.6.17 in /web (#22079) web: bump yaml from 2.8.3 to 2.8.4 in /web (#22080) core: bump sentry from 0.47.0 to 0.48.0 (#22081) packages/client-ts: Fix TypeScript config, ESBuild warnings (#21863) web: fix identification stage OUIA attributes (#22049) stages/invitation: Invitation wizard (#20399) Web/release202604/nits 2 (#22040) web: Gracefully handle missing element construction. (#21787)
* main: (46 commits) events: fix `destination_group_obj` not being nullable (#22161) tenants/settings: present unset flags as `False` (#22162) root: fix version bump sed command (#22149) website: Add PhotoPrism integration guide (#22146) website: Add PostHog integration guide (#22147) website/docs: update user credentials tab docs (#22143) website/docs: release notes for 2026.5.0 (#21997) website/docs: document cross-provider token introspection (#22142) website/docs: add Wazuh SAML signing certificate step (#22071) website/docs: fix frontend dev environment paths and compose override usage (#20976) website/integrations: Add Splunk Enterprise Integration Guide (#20765) website/integrations: add Anthropic integration guides (#22134) website/integrations: Add christiaangoossens/hass-oidc-auth to the Home Assistant integration docs (#21730) website/integrations: Use correct API scope for Netbird (#21780) website/integrations: ? (#22138) website/docs: add CMake to full dev environment (#22137) locale: fix de_DE locale placeholder (#22130) website/docs: stages cleanup (#21558) website: bump the build group in /website with 3 updates (#22104) web: bump basic-ftp from 5.3.0 to 5.3.1 in /web (#22131) ...
* main: (47 commits) core: bump python-kadmin-rs from 0.7.1 to 0.7.2 (#22234) website: bump react-dom from 19.2.5 to 19.2.6 in /website (#22198) web: bump the react group across 1 directory with 2 updates (#22208) web: bump knip from 6.9.0 to 6.11.0 in /web (#22212) web: bump @formatjs/intl-listformat from 8.3.4 to 8.3.5 in /web (#22211) website: bump react from 19.2.5 to 19.2.6 in /website (#22199) core: update psycopg[pool] requirement from <4,>=3 to >=3.3.4,<4 (#22201) core: bump the uv group across 1 directory with 2 updates (#22237) ci: fix make gen in release workflows (#22235) ci: run make gen when tagging a new release (#22229) ci: Improve branch-off action description (#22188) web/admin: fix user wizard close button (#22222) core: bump pydantic from 2.13.3 to 2.13.4 (#22207) core: bump tokio from 1.52.1 to 1.52.2 (#22160) core: bump library/node from `735dd68` to `4f2b45e` in /lifecycle/container (#22210) core, web: update translations (#22140) core: bump twilio from 9.10.5 to 9.10.9 (#22202) core: bump python-kadmin-rs from 0.7.0 to 0.7.1 (#22205) core: bump cachetools from 7.0.6 to 7.1.1 (#22204) core: bump types-requests from 2.33.0.20260408 to 2.33.0.20260503 (#22206) ...
* main: (43 commits) website/docs: fix email link in CVE-2026-40166 (#22331) website/docs: add that the Grant Types are now on UI (#22315) core: bump ujson from 5.12.0 to 5.12.1 in the uv group across 1 directory (#22329) core: harden npm install against supply-chain attacks (#22245) core: bump django-stubs[compatible-mypy] from 6.0.3 to 6.0.4 (#22319) ci: bump taiki-e/install-action from 2.77.3 to 2.77.4 in /.github/actions/setup (#22321) endpoints: remove `print` line (#22325) website/docs: release notes 2026.5: add section about package reduction (#22308) core, web: update translations (#22318) stages/authenticator_webauthn: Update FIDO MDS3 & Passkey aaguid blobs (#22322) website/docs: Add invitation wizard docs (#22069) website/docs: release notes for 2025.12.5 and 2026.2.3 (#22310) internal: Automated internal backport: CVE-2026-41569.sec.patch to authentik-main (#22301) internal: Automated internal backport: CVE-2026-42849.sec.patch to authentik-main (#22303) internal: Automated internal backport: CVE-2026-40166.sec.patch to authentik-main (#22299) internal: Automated internal backport: GHSA-973w-j457-rp2m.sec.patch to authentik-main (#22305) internal: Automated internal backport: CVE-2026-41577.sec.patch to authentik-main (#22302) website/docs: add mention of drop-down menu, update multiple Integration Guides (#22269) website/docs: edit docs about how to add user/service account (#22228) website/docs: 2026.5 release notes: fix performance improvements wording (#22307) ...
* main: (53 commits) core: bump aws-cdk-lib from 2.253.0 to 2.253.1 (#22378) website: Docs and README new screenshots (#22341) root: Update CODEOWNERS for spellcheck dictionaries (#22408) core, web: update translations (#22372) translate: Updates for project authentik and language fr_FR (#22366) core: align django-channels-postgres psycopg[pool] floor with #22201 (#22363) core: bump msgraph-sdk from 1.56.0 to 1.57.0 (#22379) ci: bump actions/create-github-app-token from 3.1.1 to 3.2.0 (#22381) core: bump types-docker from 7.1.0.20260409 to 7.1.0.20260508 (#22417) core: bump types-ldap3 from 2.9.13.20260408 to 2.9.13.20260508 (#22423) core: bump types-zxcvbn from 4.5.0.20260408 to 4.5.0.20260508 (#22418) web/table: fetch on first render when already visible (#22376) web: bump stylelint from 17.11.0 to 17.11.1 in /web (#22430) web: bump @typescript/native-preview from 7.0.0-dev.20260507.1 to 7.0.0-dev.20260510.1 in /web (#22426) web: bump lit from 3.3.2 to 3.3.3 in /web (#22427) web: bump @lit/localize-tools from 0.8.1 to 0.8.2 in /web (#22428) web: bump dompurify from 3.4.2 to 3.4.3 in /web (#22429) core: bump types-channels from 4.3.0.20260421 to 4.3.0.20260508 (#22419) web: bump @codemirror/legacy-modes from 6.5.2 to 6.5.3 in /web (#22431) core: bump types-requests from 2.33.0.20260503 to 2.33.0.20260508 (#22420) ...
* main: (70 commits) core, web: update translations (#22553) core: bump cachetools from 7.1.2 to 7.1.3 (#22559) website/integrations: Semgrep: cleanup (#22403) website/integrations: Vaultwarden: cleanup (#22401) website/integrations: KnowBe4: cleanup (#22406) website/integrations: macmon NAC: cleanup (#22407) website/integrations: add learning section to categories (#22571) providers/radius: fix eap debug logging (#22551) ci: update nightly compatibility versions (#22557) ci: bump taiki-e/install-action from 2.79.1 to 2.79.2 in /.github/actions/setup (#22565) website/integrations: XCreds: cleanup (#22400) core: bump mypy from 1.20.2 to 2.0.0 (#22560) core: bump uvicorn[standard] from 0.46.0 to 0.47.0 (#22561) core: bump pyjwt from 2.11.0 to 2.13.0 (#22562) core: bump goauthentik/fips-python from `4fde79d` to `636cb9b` in /lifecycle/container (#22563) core: bump tower-http from 0.6.10 to 0.6.11 (#22566) website/docs: Fix release notes cards (#22554) website/integrations: Push Security: cleanup (#22404) website/integrations: Skyhigh Security: cleanup (#22402) events: fix certificate typo (#22542) ...
* main: (87 commits) core: bump openapitools/openapi-generator-cli from v7.21.0 to v7.22.0 in /packages/client-ts (#22575) core: bump django-stubs[compatible-mypy] from 6.0.4 to 6.0.5 (#22748) lifecycle/aws: bump aws-cdk from 2.1123.0 to 2.1124.1 in /lifecycle/aws (#22709) core: bump msgraph-sdk from 1.57.0 to 1.58.0 (#22711) web: bump tmp from 0.2.5 to 0.2.7 in /web (#22745) web: bump tmp from 0.2.6 to 0.2.7 (#22746) core: bump aws-cdk-lib from 2.256.0 to 2.257.0 (#22749) core: bump astral-sh/uv from 0.11.16 to 0.11.17 in /lifecycle/container (#22751) core: bump reqwest from 0.13.3 to 0.13.4 (#22755) core: bump github.com/grafana/pyroscope-go from 1.3.0 to 1.3.1 (#22773) core: bump uvicorn[standard] from 0.47.0 to 0.48.0 (#22774) core, web: update translations (#22786) core: bump ruff from 0.15.14 to 0.15.15 (#22775) core: bump coverage[toml] from 7.14.0 to 7.14.1 (#22776) ci: bump getsentry/action-release from 3.6.0 to 3.6.1 (#22777) ci: bump docker/setup-qemu-action from 4.0.0 to 4.1.0 (#22779) ci: bump taiki-e/install-action from 2.79.6 to 2.80.0 in /.github/actions/setup (#22781) ci: bump aws-actions/configure-aws-credentials from 6.1.1 to 6.1.3 (#22780) stages/authenticator_webauthn: Update FIDO MDS3 & Passkey aaguid blobs (#22772) website/integrations: Elastic Cloud: cleanup (#22707) ...
* main: (65 commits) website/integrations: FortiAnalyzer (#22610) website: fix British spellings flagged by cspell (#22818) website/integrations: fix Node-RED OIDC username docs (#22868) website/integrations: 1Password: cleanup (#22699) website/docs: improve service account docs (#22145) website/docs: update binding wizard labels (#22869) core: bump library/golang from 1.26.3-trixie to 1.26.4-trixie in /lifecycle/container (#22837) website/docs: add launch URL in Komodo docs (#22866) website/docs: add GitLab social login source guide (#22764) web: bump the eslint group across 1 directory with 3 updates (#22841) website/integrations: add email verified info to Mailcow (#22783) website/docs: mark cves CVE-2026-49443 and CVE-2026-49448 (#22808) website/integrations: add Icinga Web 2 (#22767) core, web: update translations (#22852) translate: Updates for project authentik and language hu_HU (#22813) website/docs: Add improved akql docs (#22693) website/integrations: add Nexterm (#22768) website/docs: clarify Google Workspace signed response setting (#22812) website/integrations: WordPress: cleanup (#22702) website/integrations: add Productive integration (#22769) ...
…erywhere
# Promise:
There is only one file change in the entire PR. I promise. It is `./web/src/common/api/client.ts`.
Every other change is mechanical.
# What
Replace the repetitive boilerplate of importing DEFAULT_CONFIG everywhere by replacing it with an enclosing function that does both instantiation and configuration for you.
# How !?!?!?! (I hear you cry)
Read the `client.ts` file. It shows you the new mechanism.
# Mechanical update:
Every other change to the source code was performed with the following seven-line script: use `prettier --print-width 400` to ensure all the construction expressions would be single-line (they weren’t necessarily always so); identify the files that used `DEFAULT_CONFIG`, replace their `import` statements, replace their instantiation expressions, then clean up the debris.
$ ./node_modules/.bin/prettier --cache --write -u . --print-width 400
$ rg -l 'import.*\{ DEFAULT_CONFIG \}' ./src > client-only.txt
$ perl -pi.bak -e 's{import \{ DEFAULT_CONFIG \} from "\#common/api/config"}{import \{ aki \} from "#common/api/client"}' $(cat client-only.txt )
$ perl -pi.bak -e 's{new ([A-Z][A-Za-z]+Api)\(DEFAULT_CONFIG\)}{aki(\1)}g' $(cat client-only.txt )
$ rm client-only.txt
$ find . -name '*.bak' -exec rm {} \;
$ npm run prettier
✅ Deploy Preview for authentik-integrations ready!
To edit notification comments on pull requests, go to your Netlify project configuration. |
✅ Deploy Preview for authentik-storybook ready!
To edit notification comments on pull requests, go to your Netlify project configuration. |
✅ Deploy Preview for authentik-docs ready!
To edit notification comments on pull requests, go to your Netlify project configuration. |
|
|
||
| type APIConstructor<T> = new (config: Configuration) => T; | ||
|
|
||
| let configuration: Configuration | null = null; |
Contributor
Author
There was a problem hiding this comment.
Cache the configuration formerly known as DEFAULT_CONFIG.
|
|
||
| let configuration: Configuration | null = null; | ||
|
|
||
| const endpoints = new Map<APIConstructor<unknown>, unknown>(); |
Contributor
Author
There was a problem hiding this comment.
Once instantiated, the API endpoints are static objects maintaining only their own configuration details. Cache them to make them re-usable.
| const endpoints = new Map<APIConstructor<unknown>, unknown>(); | ||
|
|
||
| function apiConfiguration(): Configuration { | ||
| if (!configuration) { |
Contributor
Author
There was a problem hiding this comment.
Build and cache the DEFAULT_CONFIG if it hasn't been built yet, otherwise return the existing one.
| } | ||
|
|
||
| export function aki<T>(APIClass: APIConstructor<T>): T { | ||
| let endpoint = endpoints.get(APIClass) as T | undefined; |
Contributor
Author
There was a problem hiding this comment.
For a given API class-level constructor passed in, see if there's an instance already. If not, build one, cache it. Return the instance.
| @@ -0,0 +1,47 @@ | |||
| import { | |||
Contributor
Author
There was a problem hiding this comment.
THIS IS THE NEW API INSTANTIATION API.
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## main #22892 +/- ##
=======================================
Coverage 93.29% 93.29%
=======================================
Files 1033 1033
Lines 60154 60154
Branches 400 400
=======================================
+ Hits 56121 56122 +1
+ Misses 4033 4032 -1
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Harness. |
Contributor
|
authentik PR Installation instructions Instructions for docker-composeAdd the following block to your AUTHENTIK_IMAGE=ghcr.io/goauthentik/dev-server
AUTHENTIK_TAG=gh-0edb913d523c3f34c86451f038b7a15387ea8ed4
AUTHENTIK_OUTPOSTS__CONTAINER_IMAGE_BASE=ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)sAfterwards, run the upgrade commands from the latest release notes. Instructions for KubernetesAdd the following block to your authentik:
outposts:
container_image_base: ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s
global:
image:
repository: ghcr.io/goauthentik/dev-server
tag: gh-0edb913d523c3f34c86451f038b7a15387ea8ed4Afterwards, run the upgrade commands from the latest release notes. |
BeryJu
changed the title
…-stains * main: ci: bump taiki-e/install-action from 2.81.1 to 2.81.2 in /.github/actions/setup (#22884) website/integrations: add Atlantis integration (#22888) website/docs: Document WebAuthn device restrictions (#22867) web/admin: fix Docker outpost integration form CA Cert filter (#22863) web: bump @sentry/browser from 10.54.0 to 10.55.0 in /web in the sentry group across 1 directory (#22873) core: bump sentry-sdk from 2.60.0 to 2.61.0 (#22875) core: bump google-api-python-client from 2.196.0 to 2.197.0 (#22876) core: bump kubernetes from 36.0.0 to 36.0.2 (#22879) web: bump the bundler group across 1 directory with 3 updates (#22881) core: bump debugpy from 1.8.20 to 1.8.21 (#22880) ci: bump github/codeql-action from 4.36.0 to 4.36.1 (#22882) ci: bump AndreKurait/docker-cache from 0.6.0 to 0.7.0 in /.github/actions/setup (#22883)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
web/maintenance: eliminate the need for DEFAULT_CONFIG boilerplate everywhere
Promise:
There is only one file change in the entire PR. I promise. It is
./web/src/common/api/client.ts.Every other change is mechanical. See the guideposts I provided below; they'll take you straight to that file.
What
Replace the repetitive boilerplate of importing DEFAULT_CONFIG everywhere by replacing it with an enclosing function that does both instantiation and configuration for you.
How !?!?!?! (I hear you cry)
Read the
client.tsfile. It shows you the new mechanism.Mechanical update:
Every other change to the source code was performed with the following seven-line script: use
prettier --print-width 400to ensure all the construction expressions would be single-line (they weren’t necessarily always so); identify the files that usedDEFAULT_CONFIG, replace theirimportstatements, replace their instantiation expressions, then clean up the debris.Checklist
make all)make docs)