From 711cedfe3427da0db4185da8efe65b71febfd7af Mon Sep 17 00:00:00 2001
From: SeamusGrafana <102023327+SeamusGrafana@users.noreply.github.com>
Date: Wed, 21 Jun 2023 07:14:11 +0100
Subject: [PATCH] DevEnv: Add Support for SAML SLO in Authentik (#69147)

* Update Authentik Image Version in docker-compose.yaml

Update Authentik Image Version in `docker-compose.yaml` to use the current version (as of writing) which is `2023.5.1` where this has been tested against.

* DevEnv: update SLO support for Authentik
---
 devenv/docker/blocks/auth/authentik/README.md           | 9 +++++----
 devenv/docker/blocks/auth/authentik/docker-compose.yaml | 4 ++--
 2 files changed, 7 insertions(+), 6 deletions(-)

diff --git a/devenv/docker/blocks/auth/authentik/README.md b/devenv/docker/blocks/auth/authentik/README.md
index 8de63f34bff..9fdee3b8c93 100644
--- a/devenv/docker/blocks/auth/authentik/README.md
+++ b/devenv/docker/blocks/auth/authentik/README.md
@@ -44,8 +44,9 @@ active_sync_enabled = true
 
 Grafana expects SLO support to be communicated in the metadata
 
-Single Logout is not supported by authentik.
-https://github.com/goauthentik/authentik/issues/3321 
+Single Logout is now supported by authentik in versions `2023.1` and higher;
+
+Source: <https://goauthentik.io/docs/releases/2023.1#new-features>
 
 **Warning** Client signature validation
 
@@ -65,7 +66,7 @@ assertion_attribute_email = http://schemas.xmlsoap.org/ws/2005/05/identity/claim
 assertion_attribute_groups = http://schemas.xmlsoap.org/claims/Group
 assertion_attribute_org = http://schemas.xmlsoap.org/claims/Group
 allow_sign_up = true
-single_logout = false # not supported by authentik
+single_logout = true # supported by authentik v2023.1 and newer
 signature_algorithm = rsa-sha256
 allow_idp_initiated = true
 org_mapping = admin:1:Admin, editor:1:Editor, viewer:1:Viewer
@@ -115,4 +116,4 @@ In case you want to make changes to the devenv setup, you can dump keycloak's DB
 ```bash
 cd devenv;
 docker-compose exec -T authentikdb bash -c "pg_dump -U authentik authentik" > docker/blocks/auth/authentik/cloak.sql
-```
\ No newline at end of file
+```
diff --git a/devenv/docker/blocks/auth/authentik/docker-compose.yaml b/devenv/docker/blocks/auth/authentik/docker-compose.yaml
index 0c13c19c342..6d16b4e7a36 100644
--- a/devenv/docker/blocks/auth/authentik/docker-compose.yaml
+++ b/devenv/docker/blocks/auth/authentik/docker-compose.yaml
@@ -39,7 +39,7 @@
       - "authentik:authentik"
 
   authentik:
-    image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2023.2.3}
+    image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2023.5.1}
     restart: unless-stopped
     container_name: authentik
     command: server
@@ -66,7 +66,7 @@
       - "authentikredis:authentikredis"
 
   authentik-worker:
-    image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2022.12.1}
+    image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2023.5.1}
     restart: unless-stopped
     container_name: authentik-worker
     command: worker