From 5689f25c39effd014cc3c3411ee98192cc11dae2 Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Sat, 19 Sep 2020 11:31:48 +0200 Subject: [PATCH] providers/proxy: add option to skip authentication for paths matching regular expressions --- passbook/providers/proxy/api.py | 2 ++ passbook/providers/proxy/forms.py | 1 + .../0006_proxyprovider_skip_path_regex.py | 18 ++++++++++++++++++ passbook/providers/proxy/models.py | 9 +++++++++ swagger.yaml | 10 ++++++++++ 5 files changed, 40 insertions(+) create mode 100644 passbook/providers/proxy/migrations/0006_proxyprovider_skip_path_regex.py diff --git a/passbook/providers/proxy/api.py b/passbook/providers/proxy/api.py index 7d2dd8654..d75733539 100644 --- a/passbook/providers/proxy/api.py +++ b/passbook/providers/proxy/api.py @@ -55,6 +55,7 @@ class ProxyProviderSerializer(ModelSerializer): "internal_host", "external_host", "certificate", + "skip_path_regex", ] @@ -93,6 +94,7 @@ class ProxyOutpostConfigSerializer(ModelSerializer): "oidc_configuration", "cookie_secret", "certificate", + "skip_path_regex", ] @swagger_serializer_method(serializer_or_field=OpenIDConnectConfigurationSerializer) diff --git a/passbook/providers/proxy/forms.py b/passbook/providers/proxy/forms.py index 86ce85fb7..1d1b4dd7d 100644 --- a/passbook/providers/proxy/forms.py +++ b/passbook/providers/proxy/forms.py @@ -35,6 +35,7 @@ class ProxyProviderForm(forms.ModelForm): "internal_host", "external_host", "certificate", + "skip_path_regex", ] widgets = { "name": forms.TextInput(), diff --git a/passbook/providers/proxy/migrations/0006_proxyprovider_skip_path_regex.py b/passbook/providers/proxy/migrations/0006_proxyprovider_skip_path_regex.py new file mode 100644 index 000000000..3f252be3c --- /dev/null +++ b/passbook/providers/proxy/migrations/0006_proxyprovider_skip_path_regex.py @@ -0,0 +1,18 @@ +# Generated by Django 3.1.1 on 2020-09-19 09:14 + +from django.db import migrations, models + + +class Migration(migrations.Migration): + + dependencies = [ + ('passbook_providers_proxy', '0005_auto_20200914_1536'), + ] + + operations = [ + migrations.AddField( + model_name='proxyprovider', + name='skip_path_regex', + field=models.TextField(blank=True, default='', help_text='Regular expression for which authentication is not required. Each new line is interpreted as a new Regular Expression.'), + ), + ] diff --git a/passbook/providers/proxy/models.py b/passbook/providers/proxy/models.py index e8b2f0bae..ed052782a 100644 --- a/passbook/providers/proxy/models.py +++ b/passbook/providers/proxy/models.py @@ -49,6 +49,15 @@ class ProxyProvider(OutpostModel, OAuth2Provider): cookie_secret = models.TextField(default=get_cookie_secret) + skip_path_regex = models.TextField( + default="", + blank=True, + help_text=_(( + "Regular expression for which authentication is not required. " + "Each new line is interpreted as a new Regular Expression." + )) + ) + certificate = models.ForeignKey( CertificateKeyPair, on_delete=models.SET_NULL, null=True, blank=True, ) diff --git a/swagger.yaml b/swagger.yaml index 9eb5878cd..40576c72e 100755 --- a/swagger.yaml +++ b/swagger.yaml @@ -6232,6 +6232,11 @@ definitions: type: string format: uuid x-nullable: true + skip_path_regex: + title: Skip path regex + description: Regular expression for which authentication is not required. + Each new line is interpreted as a new Regular Expression. + type: string Policy: type: object properties: @@ -6697,6 +6702,11 @@ definitions: type: string format: uuid x-nullable: true + skip_path_regex: + title: Skip path regex + description: Regular expression for which authentication is not required. + Each new line is interpreted as a new Regular Expression. + type: string SAMLProvider: required: - name