diff --git a/authentik/crypto/api.py b/authentik/crypto/api.py index a74914404..81c8f2b6e 100644 --- a/authentik/crypto/api.py +++ b/authentik/crypto/api.py @@ -3,6 +3,7 @@ from cryptography.hazmat.backends import default_backend from cryptography.hazmat.primitives.serialization import load_pem_private_key from cryptography.x509 import load_pem_x509_certificate from django.http.response import HttpResponse +from django.urls import reverse from django.utils.translation import gettext_lazy as _ from django_filters import FilterSet from django_filters.filters import BooleanFilter @@ -35,6 +36,9 @@ class CertificateKeyPairSerializer(ModelSerializer): cert_subject = SerializerMethodField() private_key_available = SerializerMethodField() + certificate_download_url = SerializerMethodField() + private_key_download_url = SerializerMethodField() + def get_cert_subject(self, instance: CertificateKeyPair) -> str: """Get certificate subject as full rfc4514""" return instance.certificate.subject.rfc4514_string() @@ -43,6 +47,26 @@ class CertificateKeyPairSerializer(ModelSerializer): """Show if this keypair has a private key configured or not""" return instance.key_data != "" and instance.key_data is not None + def get_certificate_download_url(self, instance: CertificateKeyPair) -> str: + """Get URL to download certificate""" + return ( + reverse( + "authentik_api:certificatekeypair-view-certificate", + kwargs={"pk": instance.pk}, + ) + + "?download" + ) + + def get_private_key_download_url(self, instance: CertificateKeyPair) -> str: + """Get URL to download private key""" + return ( + reverse( + "authentik_api:certificatekeypair-view-private-key", + kwargs={"pk": instance.pk}, + ) + + "?download" + ) + def validate_certificate_data(self, value: str) -> str: """Verify that input is a valid PEM x509 Certificate""" try: @@ -79,6 +103,8 @@ class CertificateKeyPairSerializer(ModelSerializer): "cert_expiry", "cert_subject", "private_key_available", + "certificate_download_url", + "private_key_download_url", ] extra_kwargs = { "key_data": {"write_only": True}, diff --git a/schema.yml b/schema.yml index 03ff271a0..47db1e3d5 100644 --- a/schema.yml +++ b/schema.yml @@ -1,7 +1,7 @@ openapi: 3.0.3 info: title: authentik - version: 2021.5.4 + version: 2021.6.1-rc1 description: Making authentication simple. contact: email: hello@beryju.org @@ -18380,13 +18380,21 @@ components: private_key_available: type: boolean readOnly: true + certificate_download_url: + type: string + readOnly: true + private_key_download_url: + type: string + readOnly: true required: - cert_expiry - cert_subject + - certificate_download_url - fingerprint - name - pk - private_key_available + - private_key_download_url CertificateKeyPairRequest: type: object description: CertificateKeyPair Serializer diff --git a/web/src/pages/crypto/CertificateKeyPairListPage.ts b/web/src/pages/crypto/CertificateKeyPairListPage.ts index eee69fa40..921259f6d 100644 --- a/web/src/pages/crypto/CertificateKeyPairListPage.ts +++ b/web/src/pages/crypto/CertificateKeyPairListPage.ts @@ -124,11 +124,11 @@ export class CertificateKeyPairListPage extends TablePage {