-
-
Notifications
You must be signed in to change notification settings - Fork 874
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
stages/authenticator_webauthn: add MDS support #9114
Conversation
✅ Deploy Preview for authentik-docs ready!
To edit notification comments on pull requests, go to your Netlify site configuration. |
✅ Deploy Preview for authentik-storybook ready!
To edit notification comments on pull requests, go to your Netlify site configuration. |
authentik PR Installation instructions Instructions for docker-composeAdd the following block to your AUTHENTIK_IMAGE=ghcr.io/goauthentik/dev-server
AUTHENTIK_TAG=gh-ghcr.io/goauthentik/dev-server:gh-adeb8ea4c5165969cea8ebb615bf1b4f19a63b27
AUTHENTIK_OUTPOSTS__CONTAINER_IMAGE_BASE=ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s For arm64, use these values: AUTHENTIK_IMAGE=ghcr.io/goauthentik/dev-server
AUTHENTIK_TAG=gh-ghcr.io/goauthentik/dev-server:gh-adeb8ea4c5165969cea8ebb615bf1b4f19a63b27-arm64
AUTHENTIK_OUTPOSTS__CONTAINER_IMAGE_BASE=ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s Afterwards, run the upgrade commands from the latest release notes. Instructions for KubernetesAdd the following block to your authentik:
outposts:
container_image_base: ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s
image:
repository: ghcr.io/goauthentik/dev-server
tag: gh-ghcr.io/goauthentik/dev-server:gh-adeb8ea4c5165969cea8ebb615bf1b4f19a63b27 For arm64, use these values: authentik:
outposts:
container_image_base: ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s
image:
repository: ghcr.io/goauthentik/dev-server
tag: gh-ghcr.io/goauthentik/dev-server:gh-adeb8ea4c5165969cea8ebb615bf1b4f19a63b27-arm64 Afterwards, run the upgrade commands from the latest release notes. |
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
this typo has been around for 3 years 8708e48#diff-bb4aee4a37f4b95c8daa7beb6bf6251d8d2b6deb8c16dce0cd7cb0d6cd71900aR16 Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
5bfa4cc
to
adeb8ea
Compare
* main: (25 commits) root: fix readme (#9178) enterprise: fix audit middleware import (#9177) web: bump @spotlightjs/spotlight from 1.2.16 to 1.2.17 in /web in the sentry group (#9162) web: bump API Client version (#9174) stages/authenticator_webauthn: add MDS support (#9114) website/integrations: Update Nextcloud OIDC secret size limitation (#9139) translate: Updates for file web/xliff/en.xlf in zh_CN (#9170) translate: Updates for file web/xliff/en.xlf in zh-Hans (#9171) web: bump the rollup group in /web with 3 updates (#9164) web: bump @codemirror/legacy-modes from 6.3.3 to 6.4.0 in /web (#9166) web: bump ts-pattern from 5.1.0 to 5.1.1 in /web (#9167) core: bump github.com/go-ldap/ldap/v3 from 3.4.6 to 3.4.7 (#9168) core, web: update translations (#9156) root: fix redis username in lifecycle (#9158) web: ak-checkbox-group for short, static, multi-select events (#9138) root: fix startup (#9151) core: Bump golang.org/x/oauth2 from 0.18.0 to 0.19.0 (#9146) core: Bump twilio from 9.0.3 to 9.0.4 (#9143) web: Bump country-flag-icons from 1.5.10 to 1.5.11 in /web (#9144) web: Bump typescript from 5.4.3 to 5.4.4 in /web (#9145) ...
Details
Use FIDO Alliances' MDS database to allow restricting which WebAuthn devices may be used.
Also adds some slight QOL improvements like defaulting the webauthn device name to the MDS aaguid description
TODO:
Checklist
ak test authentik/
)make lint-fix
)If an API change has been made
make gen-build
)If changes to the frontend have been made
make web
)If applicable
make website
)