From 3a64d970405f2b0a79622005be8a94962e7d5ea4 Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Thu, 10 Jun 2021 13:46:12 +0200 Subject: [PATCH] crypto: add download links as API fields Signed-off-by: Jens Langhammer --- authentik/crypto/api.py | 26 +++++++++++++++++++ schema.yml | 10 ++++++- .../crypto/CertificateKeyPairListPage.ts | 4 +-- 3 files changed, 37 insertions(+), 3 deletions(-) diff --git a/authentik/crypto/api.py b/authentik/crypto/api.py index a74914404..81c8f2b6e 100644 --- a/authentik/crypto/api.py +++ b/authentik/crypto/api.py @@ -3,6 +3,7 @@ from cryptography.hazmat.backends import default_backend from cryptography.hazmat.primitives.serialization import load_pem_private_key from cryptography.x509 import load_pem_x509_certificate from django.http.response import HttpResponse +from django.urls import reverse from django.utils.translation import gettext_lazy as _ from django_filters import FilterSet from django_filters.filters import BooleanFilter @@ -35,6 +36,9 @@ class CertificateKeyPairSerializer(ModelSerializer): cert_subject = SerializerMethodField() private_key_available = SerializerMethodField() + certificate_download_url = SerializerMethodField() + private_key_download_url = SerializerMethodField() + def get_cert_subject(self, instance: CertificateKeyPair) -> str: """Get certificate subject as full rfc4514""" return instance.certificate.subject.rfc4514_string() @@ -43,6 +47,26 @@ class CertificateKeyPairSerializer(ModelSerializer): """Show if this keypair has a private key configured or not""" return instance.key_data != "" and instance.key_data is not None + def get_certificate_download_url(self, instance: CertificateKeyPair) -> str: + """Get URL to download certificate""" + return ( + reverse( + "authentik_api:certificatekeypair-view-certificate", + kwargs={"pk": instance.pk}, + ) + + "?download" + ) + + def get_private_key_download_url(self, instance: CertificateKeyPair) -> str: + """Get URL to download private key""" + return ( + reverse( + "authentik_api:certificatekeypair-view-private-key", + kwargs={"pk": instance.pk}, + ) + + "?download" + ) + def validate_certificate_data(self, value: str) -> str: """Verify that input is a valid PEM x509 Certificate""" try: @@ -79,6 +103,8 @@ class CertificateKeyPairSerializer(ModelSerializer): "cert_expiry", "cert_subject", "private_key_available", + "certificate_download_url", + "private_key_download_url", ] extra_kwargs = { "key_data": {"write_only": True}, diff --git a/schema.yml b/schema.yml index 03ff271a0..47db1e3d5 100644 --- a/schema.yml +++ b/schema.yml @@ -1,7 +1,7 @@ openapi: 3.0.3 info: title: authentik - version: 2021.5.4 + version: 2021.6.1-rc1 description: Making authentication simple. contact: email: hello@beryju.org @@ -18380,13 +18380,21 @@ components: private_key_available: type: boolean readOnly: true + certificate_download_url: + type: string + readOnly: true + private_key_download_url: + type: string + readOnly: true required: - cert_expiry - cert_subject + - certificate_download_url - fingerprint - name - pk - private_key_available + - private_key_download_url CertificateKeyPairRequest: type: object description: CertificateKeyPair Serializer diff --git a/web/src/pages/crypto/CertificateKeyPairListPage.ts b/web/src/pages/crypto/CertificateKeyPairListPage.ts index eee69fa40..921259f6d 100644 --- a/web/src/pages/crypto/CertificateKeyPairListPage.ts +++ b/web/src/pages/crypto/CertificateKeyPairListPage.ts @@ -124,11 +124,11 @@ export class CertificateKeyPairListPage extends TablePage {