stages/identification: add UPN

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Jens Langhammer 2021-06-10 22:48:39 +02:00
parent e35e096266
commit 676b77aa7c
7 changed files with 53 additions and 7 deletions


@ -17,6 +17,7 @@ class UserFields(models.TextChoices):
E_MAIL = "email" E_MAIL = "email"
USERNAME = "username" USERNAME = "username"
UPN = "upn"
class IdentificationStage(Stage): class IdentificationStage(Stage):


@ -96,7 +96,11 @@ class IdentificationStageView(ChallengeStageView):
current_stage: IdentificationStage = self.executor.current_stage current_stage: IdentificationStage = self.executor.current_stage
query = Q() query = Q()
for search_field in current_stage.user_fields: for search_field in current_stage.user_fields:
model_field = search_field model_field = {
"email": "email",
"username": "username",
"upn": "attributes__upn",
}[search_field]
if current_stage.case_insensitive_matching: if current_stage.case_insensitive_matching:
model_field += "__iexact" model_field += "__iexact"
else: else:
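Review bot: The new `"upn": "attributes__upn"` entry matches the login identifier against a key inside the user's `attributes` JSON, and nothing visible in this diff makes that value unique per user the way a username is. If `attributes` can be edited by the account holder or populated from an external source, more than one account can match the same identifier; the code that consumes `query` lies outside this hunk, so confirm it rejects an ambiguous match instead of taking the first row. I would document this on the mapping, e.g. `# upn is read from User.attributes and is not guaranteed unique; the lookup must fail closed on multiple matches`. The subscript `}[search_field]` also raises `KeyError` for any field value without an entry, so a `UserFields` member added later without a mapping fails at login time; a `.get()` with an explicit, logged skip would make that failure deliberate.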


@ -27687,6 +27687,7 @@ components:
enum: enum:
- email - email
- username - username
- upn
type: string type: string
UserLoginStage: UserLoginStage:
type: object type: object


@ -11,7 +11,7 @@ import PFAlert from "@patternfly/patternfly/components/Alert/alert.css";
import AKGlobal from "../../../authentik.css"; import AKGlobal from "../../../authentik.css";
import "../../../elements/forms/FormElement"; import "../../../elements/forms/FormElement";
import "../../../elements/EmptyState"; import "../../../elements/EmptyState";
import { FlowChallengeRequest, IdentificationChallenge, IdentificationChallengeResponseRequest, UILoginButton } from "authentik-api"; import { FlowChallengeRequest, IdentificationChallenge, IdentificationChallengeResponseRequest, UILoginButton, UserFieldsEnum } from "authentik-api";
export const PasswordManagerPrefill: { export const PasswordManagerPrefill: {
password: string | undefined; password: string | undefined;
@ -149,13 +149,18 @@ export class IdentificationStage extends BaseStage<IdentificationChallenge, Iden
${t`Select one of the sources below to login.`} ${t`Select one of the sources below to login.`}
</p>`; </p>`;
} }
if (this.challenge?.userFields === ["email"]) { const fields = this.challenge?.userFields.sort() || [];
if (fields === [UserFieldsEnum.Email]) {
label = t`Email`; label = t`Email`;
type = "email"; type = "email";
} else if (this.challenge?.userFields === ["username"]) { } else if (fields === [UserFieldsEnum.Username]) {
label = t`Username`; label = t`Username`;
} else { } else if (fields === [UserFieldsEnum.Upn]) {
label = t`UPN`;
} else if (fields === [UserFieldsEnum.Email, UserFieldsEnum.Username]) {
label = t`Email or username`; label = t`Email or username`;
} else {
label = t`Email, UPN or username`;
} }
return html`<ak-form-element return html`<ak-form-element
label=${label} label=${label}
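Review bot: Every `fields === [UserFieldsEnum.…]` test in the second hunk is always false, because `===` on arrays compares identity and each right-hand side is a freshly created array; the label therefore always ends up as `Email, UPN or username` and `type = "email"` is never applied. The removed lines used the same comparison, so the defect is carried over rather than introduced, but the new branches depend on it. `this.challenge?.userFields.sort()` also sorts the challenge's own array in place, and the optional chain stops at `challenge`, so a missing `userFields` would throw. Comparing by content on a sorted copy fixes all three, as sketched below (this assumes `UserFieldsEnum` members are the plain strings listed in the schema hunk); the enclosing render method starts and ends outside the hunk.

```typescript
const fields = [...(this.challenge?.userFields ?? [])].sort();
const key = fields.join(",");
if (key === UserFieldsEnum.Email) {
    // … unchanged: Email label and type = "email" …
} else if (key === UserFieldsEnum.Username) {
    // … unchanged: Username label …
} else if (key === UserFieldsEnum.Upn) {
    // … unchanged: UPN label …
} else if (key === [UserFieldsEnum.Email, UserFieldsEnum.Username].join(",")) {
    // … unchanged: "Email or username" label …
} else {
    // … unchanged: fallback label …
}
```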


@ -674,11 +674,14 @@ msgstr "Configuration"
#: src/pages/stages/authenticator_duo/AuthenticatorDuoStageForm.ts #: src/pages/stages/authenticator_duo/AuthenticatorDuoStageForm.ts
#: src/pages/stages/authenticator_static/AuthenticatorStaticStageForm.ts #: src/pages/stages/authenticator_static/AuthenticatorStaticStageForm.ts
#: src/pages/stages/authenticator_totp/AuthenticatorTOTPStageForm.ts #: src/pages/stages/authenticator_totp/AuthenticatorTOTPStageForm.ts
#: src/pages/stages/authenticator_validate/AuthenticatorValidateStageForm.ts
#: src/pages/stages/password/PasswordStageForm.ts #: src/pages/stages/password/PasswordStageForm.ts
msgid "Configuration flow" msgid "Configuration flow"
msgstr "Configuration flow" msgstr "Configuration flow"
#: src/pages/stages/authenticator_validate/AuthenticatorValidateStageForm.ts
msgid "Configuration stage"
msgstr "Configuration stage"
#: src/pages/user-settings/settings/UserSettingsAuthenticatorWebAuthn.ts #: src/pages/user-settings/settings/UserSettingsAuthenticatorWebAuthn.ts
msgid "Configure WebAuthn" msgid "Configure WebAuthn"
msgstr "Configure WebAuthn" msgstr "Configure WebAuthn"
@ -1287,6 +1290,10 @@ msgstr "Email info:"
msgid "Email or username" msgid "Email or username"
msgstr "Email or username" msgstr "Email or username"
#: src/flows/stages/identification/IdentificationStage.ts
msgid "Email, UPN or username"
msgstr "Email, UPN or username"
#: src/pages/stages/prompt/PromptForm.ts #: src/pages/stages/prompt/PromptForm.ts
msgid "Email: Text field with Email type." msgid "Email: Text field with Email type."
msgstr "Email: Text field with Email type." msgstr "Email: Text field with Email type."
@ -3981,6 +3988,11 @@ msgstr "UI settings"
msgid "UID" msgid "UID"
msgstr "UID" msgstr "UID"
#: src/flows/stages/identification/IdentificationStage.ts
#: src/pages/stages/identification/IdentificationStageForm.ts
msgid "UPN"
msgstr "UPN"
#: src/pages/sources/oauth/OAuthSourceForm.ts #: src/pages/sources/oauth/OAuthSourceForm.ts
msgid "URL settings" msgid "URL settings"
msgstr "URL settings" msgstr "URL settings"
@ -4529,6 +4541,10 @@ msgstr "authentik Builtin Database"
msgid "authentik LDAP Backend" msgid "authentik LDAP Backend"
msgstr "authentik LDAP Backend" msgstr "authentik LDAP Backend"
#: src/elements/forms/DeleteForm.ts
msgid "connecting object will be deleted"
msgstr "connecting object will be deleted"
#: src/elements/Tabs.ts #: src/elements/Tabs.ts
msgid "no tabs defined" msgid "no tabs defined"
msgstr "no tabs defined" msgstr "no tabs defined"


@ -669,10 +669,13 @@ msgstr ""
#: #:
#: #:
#: #:
#:
msgid "Configuration flow" msgid "Configuration flow"
msgstr "" msgstr ""
#:
msgid "Configuration stage"
msgstr ""
#: #:
msgid "Configure WebAuthn" msgid "Configure WebAuthn"
msgstr "" msgstr ""
@ -1279,6 +1282,10 @@ msgstr ""
msgid "Email or username" msgid "Email or username"
msgstr "" msgstr ""
#:
msgid "Email, UPN or username"
msgstr ""
#: #:
msgid "Email: Text field with Email type." msgid "Email: Text field with Email type."
msgstr "" msgstr ""
@ -3969,6 +3976,11 @@ msgstr ""
msgid "UID" msgid "UID"
msgstr "" msgstr ""
#:
#:
msgid "UPN"
msgstr ""
#: #:
msgid "URL settings" msgid "URL settings"
msgstr "" msgstr ""
@ -4515,6 +4527,10 @@ msgstr ""
msgid "authentik LDAP Backend" msgid "authentik LDAP Backend"
msgstr "" msgstr ""
#:
msgid "connecting object will be deleted"
msgstr ""
#: #:
msgid "no tabs defined" msgid "no tabs defined"
msgstr "" msgstr ""


@ -72,6 +72,9 @@ export class IdentificationStageForm extends ModelForm<IdentificationStage, stri
<option value=${UserFieldsEnum.Email} ?selected=${this.isUserFieldSelected(UserFieldsEnum.Email)}> <option value=${UserFieldsEnum.Email} ?selected=${this.isUserFieldSelected(UserFieldsEnum.Email)}>
${t`Email`} ${t`Email`}
</option> </option>
<option value=${UserFieldsEnum.Upn} ?selected=${this.isUserFieldSelected(UserFieldsEnum.Upn)}>
${t`UPN`}
</option>
</select> </select>
<p class="pf-c-form__helper-text">${t`Fields a user can identify themselves with. If no fields are selected, the user will only be able to use sources.`}</p> <p class="pf-c-form__helper-text">${t`Fields a user can identify themselves with. If no fields are selected, the user will only be able to use sources.`}</p>
<p class="pf-c-form__helper-text">${t`Hold control/command to select multiple items.`}</p> <p class="pf-c-form__helper-text">${t`Hold control/command to select multiple items.`}</p>