flows: migrate flows to be yaml (#3335)
* flows: migrate flows to be yaml Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * migrate flows to yaml Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
parent
db1dd196e0
commit
882250a85e
|
@ -21,7 +21,7 @@
|
||||||
"todo-tree.tree.showBadges": true,
|
"todo-tree.tree.showBadges": true,
|
||||||
"python.formatting.provider": "black",
|
"python.formatting.provider": "black",
|
||||||
"files.associations": {
|
"files.associations": {
|
||||||
"*.akflow": "json"
|
"*.akflow": "yaml"
|
||||||
},
|
},
|
||||||
"typescript.preferences.importModuleSpecifier": "non-relative",
|
"typescript.preferences.importModuleSpecifier": "non-relative",
|
||||||
"typescript.preferences.importModuleSpecifierEnding": "index",
|
"typescript.preferences.importModuleSpecifierEnding": "index",
|
||||||
|
|
|
@ -3,7 +3,8 @@ from dataclasses import dataclass
|
||||||
|
|
||||||
from django.core.cache import cache
|
from django.core.cache import cache
|
||||||
from django.db.models import Model
|
from django.db.models import Model
|
||||||
from django.http.response import HttpResponseBadRequest, JsonResponse
|
from django.http import HttpResponse
|
||||||
|
from django.http.response import HttpResponseBadRequest
|
||||||
from django.urls import reverse
|
from django.urls import reverse
|
||||||
from django.utils.translation import gettext as _
|
from django.utils.translation import gettext as _
|
||||||
from drf_spectacular.types import OpenApiTypes
|
from drf_spectacular.types import OpenApiTypes
|
||||||
|
@ -29,7 +30,6 @@ from authentik.core.api.utils import (
|
||||||
from authentik.flows.exceptions import FlowNonApplicableException
|
from authentik.flows.exceptions import FlowNonApplicableException
|
||||||
from authentik.flows.models import Flow
|
from authentik.flows.models import Flow
|
||||||
from authentik.flows.planner import PLAN_CONTEXT_PENDING_USER, FlowPlanner, cache_key
|
from authentik.flows.planner import PLAN_CONTEXT_PENDING_USER, FlowPlanner, cache_key
|
||||||
from authentik.flows.transfer.common import DataclassEncoder
|
|
||||||
from authentik.flows.transfer.exporter import FlowExporter
|
from authentik.flows.transfer.exporter import FlowExporter
|
||||||
from authentik.flows.transfer.importer import FlowImporter
|
from authentik.flows.transfer.importer import FlowImporter
|
||||||
from authentik.flows.views.executor import SESSION_KEY_HISTORY, SESSION_KEY_PLAN
|
from authentik.flows.views.executor import SESSION_KEY_HISTORY, SESSION_KEY_PLAN
|
||||||
|
@ -198,7 +198,7 @@ class FlowViewSet(UsedByMixin, ModelViewSet):
|
||||||
"""Export flow to .akflow file"""
|
"""Export flow to .akflow file"""
|
||||||
flow = self.get_object()
|
flow = self.get_object()
|
||||||
exporter = FlowExporter(flow)
|
exporter = FlowExporter(flow)
|
||||||
response = JsonResponse(exporter.export(), encoder=DataclassEncoder, safe=False)
|
response = HttpResponse(content=exporter.export_to_string())
|
||||||
response["Content-Disposition"] = f'attachment; filename="{flow.slug}.akflow"'
|
response["Content-Disposition"] = f'attachment; filename="{flow.slug}.akflow"'
|
||||||
return response
|
return response
|
||||||
|
|
||||||
|
|
|
@ -1,10 +1,9 @@
|
||||||
"""Test flow transfer"""
|
"""Test flow transfer"""
|
||||||
from json import dumps
|
|
||||||
|
|
||||||
from django.test import TransactionTestCase
|
from django.test import TransactionTestCase
|
||||||
|
from yaml import dump
|
||||||
|
|
||||||
from authentik.flows.models import Flow, FlowDesignation, FlowStageBinding
|
from authentik.flows.models import Flow, FlowDesignation, FlowStageBinding
|
||||||
from authentik.flows.transfer.common import DataclassEncoder
|
from authentik.flows.transfer.common import DataclassDumper
|
||||||
from authentik.flows.transfer.exporter import FlowExporter
|
from authentik.flows.transfer.exporter import FlowExporter
|
||||||
from authentik.flows.transfer.importer import FlowImporter, transaction_rollback
|
from authentik.flows.transfer.importer import FlowImporter, transaction_rollback
|
||||||
from authentik.lib.generators import generate_id
|
from authentik.lib.generators import generate_id
|
||||||
|
@ -70,9 +69,9 @@ class TestFlowTransfer(TransactionTestCase):
|
||||||
exporter = FlowExporter(flow)
|
exporter = FlowExporter(flow)
|
||||||
export = exporter.export()
|
export = exporter.export()
|
||||||
self.assertEqual(len(export.entries), 3)
|
self.assertEqual(len(export.entries), 3)
|
||||||
export_json = exporter.export_to_string()
|
export_yaml = exporter.export_to_string()
|
||||||
|
|
||||||
importer = FlowImporter(export_json)
|
importer = FlowImporter(export_yaml)
|
||||||
self.assertTrue(importer.validate())
|
self.assertTrue(importer.validate())
|
||||||
self.assertTrue(importer.apply())
|
self.assertTrue(importer.apply())
|
||||||
|
|
||||||
|
@ -118,9 +117,9 @@ class TestFlowTransfer(TransactionTestCase):
|
||||||
exporter = FlowExporter(flow)
|
exporter = FlowExporter(flow)
|
||||||
export = exporter.export()
|
export = exporter.export()
|
||||||
|
|
||||||
export_json = dumps(export, cls=DataclassEncoder)
|
export_yaml = dump(export, Dumper=DataclassDumper)
|
||||||
|
|
||||||
importer = FlowImporter(export_json)
|
importer = FlowImporter(export_yaml)
|
||||||
self.assertTrue(importer.validate())
|
self.assertTrue(importer.validate())
|
||||||
self.assertTrue(importer.apply())
|
self.assertTrue(importer.apply())
|
||||||
self.assertTrue(UserLoginStage.objects.filter(name=stage_name).exists())
|
self.assertTrue(UserLoginStage.objects.filter(name=stage_name).exists())
|
||||||
|
@ -162,9 +161,9 @@ class TestFlowTransfer(TransactionTestCase):
|
||||||
|
|
||||||
exporter = FlowExporter(flow)
|
exporter = FlowExporter(flow)
|
||||||
export = exporter.export()
|
export = exporter.export()
|
||||||
export_json = dumps(export, cls=DataclassEncoder)
|
export_yaml = dump(export, Dumper=DataclassDumper)
|
||||||
|
|
||||||
importer = FlowImporter(export_json)
|
importer = FlowImporter(export_yaml)
|
||||||
|
|
||||||
self.assertTrue(importer.validate())
|
self.assertTrue(importer.validate())
|
||||||
self.assertTrue(importer.apply())
|
self.assertTrue(importer.apply())
|
||||||
|
|
|
@ -5,6 +5,7 @@ from typing import Any
|
||||||
from uuid import UUID
|
from uuid import UUID
|
||||||
|
|
||||||
from django.core.serializers.json import DjangoJSONEncoder
|
from django.core.serializers.json import DjangoJSONEncoder
|
||||||
|
from yaml import SafeDumper
|
||||||
|
|
||||||
from authentik.lib.models import SerializerModel
|
from authentik.lib.models import SerializerModel
|
||||||
from authentik.lib.sentry import SentryIgnoredException
|
from authentik.lib.sentry import SentryIgnoredException
|
||||||
|
@ -84,5 +85,21 @@ class DataclassEncoder(DjangoJSONEncoder):
|
||||||
return super().default(o) # pragma: no cover
|
return super().default(o) # pragma: no cover
|
||||||
|
|
||||||
|
|
||||||
|
class DataclassDumper(SafeDumper):
|
||||||
|
"""Dump dataclasses to yaml"""
|
||||||
|
|
||||||
|
default_flow_style = False
|
||||||
|
|
||||||
|
def __init__(self, *args, **kwargs):
|
||||||
|
super().__init__(*args, **kwargs)
|
||||||
|
self.add_representer(UUID, lambda self, data: self.represent_str(str(data)))
|
||||||
|
self.add_representer(Enum, lambda self, data: self.represent_str(data.value))
|
||||||
|
|
||||||
|
def represent(self, data) -> None:
|
||||||
|
if is_dataclass(data):
|
||||||
|
data = asdict(data)
|
||||||
|
return super().represent(data)
|
||||||
|
|
||||||
|
|
||||||
class EntryInvalidError(SentryIgnoredException):
|
class EntryInvalidError(SentryIgnoredException):
|
||||||
"""Error raised when an entry is invalid"""
|
"""Error raised when an entry is invalid"""
|
||||||
|
|
|
@ -1,12 +1,12 @@
|
||||||
"""Flow exporter"""
|
"""Flow exporter"""
|
||||||
from json import dumps
|
|
||||||
from typing import Iterator
|
from typing import Iterator
|
||||||
from uuid import UUID
|
from uuid import UUID
|
||||||
|
|
||||||
from django.db.models import Q
|
from django.db.models import Q
|
||||||
|
from yaml import dump
|
||||||
|
|
||||||
from authentik.flows.models import Flow, FlowStageBinding, Stage
|
from authentik.flows.models import Flow, FlowStageBinding, Stage
|
||||||
from authentik.flows.transfer.common import DataclassEncoder, FlowBundle, FlowBundleEntry
|
from authentik.flows.transfer.common import DataclassDumper, FlowBundle, FlowBundleEntry
|
||||||
from authentik.policies.models import Policy, PolicyBinding
|
from authentik.policies.models import Policy, PolicyBinding
|
||||||
from authentik.stages.prompt.models import PromptStage
|
from authentik.stages.prompt.models import PromptStage
|
||||||
|
|
||||||
|
@ -89,4 +89,4 @@ class FlowExporter:
|
||||||
def export_to_string(self) -> str:
|
def export_to_string(self) -> str:
|
||||||
"""Call export and convert it to json"""
|
"""Call export and convert it to json"""
|
||||||
bundle = self.export()
|
bundle = self.export()
|
||||||
return dumps(bundle, cls=DataclassEncoder)
|
return dump(bundle, Dumper=DataclassDumper)
|
||||||
|
|
|
@ -1,7 +1,6 @@
|
||||||
"""Flow importer"""
|
"""Flow importer"""
|
||||||
from contextlib import contextmanager
|
from contextlib import contextmanager
|
||||||
from copy import deepcopy
|
from copy import deepcopy
|
||||||
from json import loads
|
|
||||||
from typing import Any
|
from typing import Any
|
||||||
|
|
||||||
from dacite import from_dict
|
from dacite import from_dict
|
||||||
|
@ -14,6 +13,7 @@ from django.db.utils import IntegrityError
|
||||||
from rest_framework.exceptions import ValidationError
|
from rest_framework.exceptions import ValidationError
|
||||||
from rest_framework.serializers import BaseSerializer, Serializer
|
from rest_framework.serializers import BaseSerializer, Serializer
|
||||||
from structlog.stdlib import BoundLogger, get_logger
|
from structlog.stdlib import BoundLogger, get_logger
|
||||||
|
from yaml import safe_load
|
||||||
|
|
||||||
from authentik.flows.models import Flow, FlowStageBinding, Stage
|
from authentik.flows.models import Flow, FlowStageBinding, Stage
|
||||||
from authentik.flows.transfer.common import EntryInvalidError, FlowBundle, FlowBundleEntry
|
from authentik.flows.transfer.common import EntryInvalidError, FlowBundle, FlowBundleEntry
|
||||||
|
@ -39,10 +39,10 @@ class FlowImporter:
|
||||||
|
|
||||||
logger: BoundLogger
|
logger: BoundLogger
|
||||||
|
|
||||||
def __init__(self, json_input: str):
|
def __init__(self, yaml_input: str):
|
||||||
self.__pk_map: dict[Any, Model] = {}
|
self.__pk_map: dict[Any, Model] = {}
|
||||||
self.logger = get_logger()
|
self.logger = get_logger()
|
||||||
import_dict = loads(json_input)
|
import_dict = safe_load(yaml_input)
|
||||||
try:
|
try:
|
||||||
self.__import = from_dict(FlowBundle, import_dict)
|
self.__import = from_dict(FlowBundle, import_dict)
|
||||||
except DaciteError as exc:
|
except DaciteError as exc:
|
||||||
|
|
|
@ -32,31 +32,37 @@ Configure what happens when access to a flow is denied by a policy. By default,
|
||||||
|
|
||||||
Flows are designated for a single purpose. This designation changes when a flow is used. The following designations are available:
|
Flows are designated for a single purpose. This designation changes when a flow is used. The following designations are available:
|
||||||
|
|
||||||
### Authentication
|
#### Authentication
|
||||||
|
|
||||||
This is designates a flow to be used for authentication.
|
This is designates a flow to be used for authentication.
|
||||||
|
|
||||||
The authentication flow should always contain a [**User Login**](stages/user_login.md) stage, which attaches the staged user to the current session.
|
The authentication flow should always contain a [**User Login**](stages/user_login.md) stage, which attaches the staged user to the current session.
|
||||||
|
|
||||||
### Invalidation
|
#### Invalidation
|
||||||
|
|
||||||
This designates a flow to be used to invalidate a session.
|
This designates a flow to be used to invalidate a session.
|
||||||
|
|
||||||
This stage should always contain a [**User Logout**](stages/user_logout.md) stage, which resets the current session.
|
This stage should always contain a [**User Logout**](stages/user_logout.md) stage, which resets the current session.
|
||||||
|
|
||||||
### Enrollment
|
#### Enrollment
|
||||||
|
|
||||||
This designates a flow for enrollment. This flow can contain any amount of verification stages, such as [**email**](stages/email/) or [**captcha**](stages/captcha/). At the end, to create the user, you can use the [**user_write**](stages/user_write.md) stage, which either updates the currently staged user, or if none exists, creates a new one.
|
This designates a flow for enrollment. This flow can contain any amount of verification stages, such as [**email**](stages/email/) or [**captcha**](stages/captcha/). At the end, to create the user, you can use the [**user_write**](stages/user_write.md) stage, which either updates the currently staged user, or if none exists, creates a new one.
|
||||||
|
|
||||||
### Unenrollment
|
#### Unenrollment
|
||||||
|
|
||||||
This designates a flow for unenrollment. This flow can contain any amount of verification stages, such as [**email**](stages/email/) or [**captcha**](stages/captcha/). As a final stage, to delete the account, use the [**user_delete**](stages/user_delete.md) stage.
|
This designates a flow for unenrollment. This flow can contain any amount of verification stages, such as [**email**](stages/email/) or [**captcha**](stages/captcha/). As a final stage, to delete the account, use the [**user_delete**](stages/user_delete.md) stage.
|
||||||
|
|
||||||
### Recovery
|
#### Recovery
|
||||||
|
|
||||||
This designates a flow for recovery. This flow normally contains an [**identification**](stages/identification/) stage to find the user. It can also contain any amount of verification stages, such as [**email**](stages/email/) or [**captcha**](stages/captcha/).
|
This designates a flow for recovery. This flow normally contains an [**identification**](stages/identification/) stage to find the user. It can also contain any amount of verification stages, such as [**email**](stages/email/) or [**captcha**](stages/captcha/).
|
||||||
Afterwards, use the [**prompt**](stages/prompt/) stage to ask the user for a new password and the [**user_write**](stages/user_write.md) stage to update the password.
|
Afterwards, use the [**prompt**](stages/prompt/) stage to ask the user for a new password and the [**user_write**](stages/user_write.md) stage to update the password.
|
||||||
|
|
||||||
### Stage configuration
|
#### Stage configuration
|
||||||
|
|
||||||
This designates a flow for general setup. This designation doesn't have any constraints in what you can do. For example, by default this designation is used to configure Factors, like change a password and setup TOTP.
|
This designates a flow for general setup. This designation doesn't have any constraints in what you can do. For example, by default this designation is used to configure Factors, like change a password and setup TOTP.
|
||||||
|
|
||||||
|
## Import & Export
|
||||||
|
|
||||||
|
Flows can be imported and exported to share with other people, the community and for troubleshooting. Flows can be imported to apply new functionality and apply existing workflows.
|
||||||
|
|
||||||
|
Starting with authentik 2022.8, flows will be exported as YAML, but JSON-based flows can still be imported.
|
||||||
|
|
|
@ -1,180 +1,120 @@
|
||||||
{
|
version: 1
|
||||||
"version": 1,
|
entries:
|
||||||
"entries": [
|
- identifiers:
|
||||||
{
|
pk: 773c6673-e4a2-423f-8d32-95b7b4a41cf3
|
||||||
"identifiers": {
|
slug: default-enrollment-flow
|
||||||
"pk": "773c6673-e4a2-423f-8d32-95b7b4a41cf3",
|
model: authentik_flows.flow
|
||||||
"slug": "default-enrollment-flow"
|
attrs:
|
||||||
},
|
name: Default enrollment Flow
|
||||||
"model": "authentik_flows.flow",
|
title: Welcome to authentik!
|
||||||
"attrs": {
|
designation: enrollment
|
||||||
"name": "Default enrollment Flow",
|
- identifiers:
|
||||||
"title": "Welcome to authentik!",
|
pk: cb954fd4-65a5-4ad9-b1ee-180ee9559cf4
|
||||||
"designation": "enrollment"
|
model: authentik_stages_prompt.prompt
|
||||||
}
|
attrs:
|
||||||
},
|
field_key: username
|
||||||
{
|
label: Username
|
||||||
"identifiers": {
|
type: username
|
||||||
"pk": "cb954fd4-65a5-4ad9-b1ee-180ee9559cf4"
|
required: true
|
||||||
},
|
placeholder: Username
|
||||||
"model": "authentik_stages_prompt.prompt",
|
order: 0
|
||||||
"attrs": {
|
- identifiers:
|
||||||
"field_key": "username",
|
pk: 7db91ee8-4290-4e08-8d39-63f132402515
|
||||||
"label": "Username",
|
model: authentik_stages_prompt.prompt
|
||||||
"type": "username",
|
attrs:
|
||||||
"required": true,
|
field_key: password
|
||||||
"placeholder": "Username",
|
label: Password
|
||||||
"order": 0
|
type: password
|
||||||
}
|
required: true
|
||||||
},
|
placeholder: Password
|
||||||
{
|
order: 0
|
||||||
"identifiers": {
|
- identifiers:
|
||||||
"pk": "7db91ee8-4290-4e08-8d39-63f132402515"
|
pk: d30b5eb4-7787-4072-b1ba-65b46e928920
|
||||||
},
|
model: authentik_stages_prompt.prompt
|
||||||
"model": "authentik_stages_prompt.prompt",
|
attrs:
|
||||||
"attrs": {
|
field_key: password_repeat
|
||||||
"field_key": "password",
|
label: Password (repeat)
|
||||||
"label": "Password",
|
type: password
|
||||||
"type": "password",
|
required: true
|
||||||
"required": true,
|
placeholder: Password (repeat)
|
||||||
"placeholder": "Password",
|
order: 1
|
||||||
"order": 0
|
- identifiers:
|
||||||
}
|
pk: f78d977a-efa6-4cc2-9a0f-2621a9fd94d2
|
||||||
},
|
model: authentik_stages_prompt.prompt
|
||||||
{
|
attrs:
|
||||||
"identifiers": {
|
field_key: name
|
||||||
"pk": "d30b5eb4-7787-4072-b1ba-65b46e928920"
|
label: Name
|
||||||
},
|
type: text
|
||||||
"model": "authentik_stages_prompt.prompt",
|
required: true
|
||||||
"attrs": {
|
placeholder: Name
|
||||||
"field_key": "password_repeat",
|
order: 0
|
||||||
"label": "Password (repeat)",
|
- identifiers:
|
||||||
"type": "password",
|
pk: 1ff91927-e33d-4615-95b0-c258e5f0df62
|
||||||
"required": true,
|
model: authentik_stages_prompt.prompt
|
||||||
"placeholder": "Password (repeat)",
|
attrs:
|
||||||
"order": 1
|
field_key: email
|
||||||
}
|
label: Email
|
||||||
},
|
type: email
|
||||||
{
|
required: true
|
||||||
"identifiers": {
|
placeholder: Email
|
||||||
"pk": "f78d977a-efa6-4cc2-9a0f-2621a9fd94d2"
|
order: 1
|
||||||
},
|
- identifiers:
|
||||||
"model": "authentik_stages_prompt.prompt",
|
pk: 6c342b94-790d-425a-ae31-6196b6570722
|
||||||
"attrs": {
|
name: default-enrollment-prompt-second
|
||||||
"field_key": "name",
|
model: authentik_stages_prompt.promptstage
|
||||||
"label": "Name",
|
attrs:
|
||||||
"type": "text",
|
fields:
|
||||||
"required": true,
|
- f78d977a-efa6-4cc2-9a0f-2621a9fd94d2
|
||||||
"placeholder": "Name",
|
- 1ff91927-e33d-4615-95b0-c258e5f0df62
|
||||||
"order": 0
|
- identifiers:
|
||||||
}
|
pk: 20375f30-7fa7-4562-8f6e-0f61889f2963
|
||||||
},
|
name: default-enrollment-prompt-first
|
||||||
{
|
model: authentik_stages_prompt.promptstage
|
||||||
"identifiers": {
|
attrs:
|
||||||
"pk": "1ff91927-e33d-4615-95b0-c258e5f0df62"
|
fields:
|
||||||
},
|
- cb954fd4-65a5-4ad9-b1ee-180ee9559cf4
|
||||||
"model": "authentik_stages_prompt.prompt",
|
- 7db91ee8-4290-4e08-8d39-63f132402515
|
||||||
"attrs": {
|
- d30b5eb4-7787-4072-b1ba-65b46e928920
|
||||||
"field_key": "email",
|
- identifiers:
|
||||||
"label": "Email",
|
pk: 77090897-eb3f-40db-81e6-b4074b1998c4
|
||||||
"type": "email",
|
name: default-enrollment-user-login
|
||||||
"required": true,
|
model: authentik_stages_user_login.userloginstage
|
||||||
"placeholder": "Email",
|
attrs:
|
||||||
"order": 1
|
session_duration: seconds=0
|
||||||
}
|
- identifiers:
|
||||||
},
|
pk: a4090add-f483-4ac6-8917-10b493ef843e
|
||||||
{
|
name: default-enrollment-user-write
|
||||||
"identifiers": {
|
model: authentik_stages_user_write.userwritestage
|
||||||
"pk": "6c342b94-790d-425a-ae31-6196b6570722",
|
attrs: {}
|
||||||
"name": "default-enrollment-prompt-second"
|
- identifiers:
|
||||||
},
|
pk: 34e1e7d5-8eed-4549-bc7a-305069ff7df0
|
||||||
"model": "authentik_stages_prompt.promptstage",
|
target: 773c6673-e4a2-423f-8d32-95b7b4a41cf3
|
||||||
"attrs": {
|
stage: 20375f30-7fa7-4562-8f6e-0f61889f2963
|
||||||
"fields": [
|
order: 10
|
||||||
"f78d977a-efa6-4cc2-9a0f-2621a9fd94d2",
|
model: authentik_flows.flowstagebinding
|
||||||
"1ff91927-e33d-4615-95b0-c258e5f0df62"
|
attrs:
|
||||||
]
|
re_evaluate_policies: false
|
||||||
}
|
- identifiers:
|
||||||
},
|
pk: e40467a6-3052-488c-a1b5-1ad7a80fe7b3
|
||||||
{
|
target: 773c6673-e4a2-423f-8d32-95b7b4a41cf3
|
||||||
"identifiers": {
|
stage: 6c342b94-790d-425a-ae31-6196b6570722
|
||||||
"pk": "20375f30-7fa7-4562-8f6e-0f61889f2963",
|
order: 11
|
||||||
"name": "default-enrollment-prompt-first"
|
model: authentik_flows.flowstagebinding
|
||||||
},
|
attrs:
|
||||||
"model": "authentik_stages_prompt.promptstage",
|
re_evaluate_policies: false
|
||||||
"attrs": {
|
- identifiers:
|
||||||
"fields": [
|
pk: 76bc594e-2715-49ab-bd40-994abd9a7b70
|
||||||
"cb954fd4-65a5-4ad9-b1ee-180ee9559cf4",
|
target: 773c6673-e4a2-423f-8d32-95b7b4a41cf3
|
||||||
"7db91ee8-4290-4e08-8d39-63f132402515",
|
stage: a4090add-f483-4ac6-8917-10b493ef843e
|
||||||
"d30b5eb4-7787-4072-b1ba-65b46e928920"
|
order: 20
|
||||||
]
|
model: authentik_flows.flowstagebinding
|
||||||
}
|
attrs:
|
||||||
},
|
re_evaluate_policies: false
|
||||||
{
|
- identifiers:
|
||||||
"identifiers": {
|
pk: 2f324f6d-7646-4108-a6e2-e7f90985477f
|
||||||
"pk": "77090897-eb3f-40db-81e6-b4074b1998c4",
|
target: 773c6673-e4a2-423f-8d32-95b7b4a41cf3
|
||||||
"name": "default-enrollment-user-login"
|
stage: 77090897-eb3f-40db-81e6-b4074b1998c4
|
||||||
},
|
order: 100
|
||||||
"model": "authentik_stages_user_login.userloginstage",
|
model: authentik_flows.flowstagebinding
|
||||||
"attrs": {
|
attrs:
|
||||||
"session_duration": "seconds=0"
|
re_evaluate_policies: false
|
||||||
}
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"identifiers": {
|
|
||||||
"pk": "a4090add-f483-4ac6-8917-10b493ef843e",
|
|
||||||
"name": "default-enrollment-user-write"
|
|
||||||
},
|
|
||||||
"model": "authentik_stages_user_write.userwritestage",
|
|
||||||
"attrs": {}
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"identifiers": {
|
|
||||||
"pk": "34e1e7d5-8eed-4549-bc7a-305069ff7df0",
|
|
||||||
"target": "773c6673-e4a2-423f-8d32-95b7b4a41cf3",
|
|
||||||
"stage": "20375f30-7fa7-4562-8f6e-0f61889f2963",
|
|
||||||
"order": 10
|
|
||||||
},
|
|
||||||
"model": "authentik_flows.flowstagebinding",
|
|
||||||
"attrs": {
|
|
||||||
"re_evaluate_policies": false
|
|
||||||
}
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"identifiers": {
|
|
||||||
"pk": "e40467a6-3052-488c-a1b5-1ad7a80fe7b3",
|
|
||||||
"target": "773c6673-e4a2-423f-8d32-95b7b4a41cf3",
|
|
||||||
"stage": "6c342b94-790d-425a-ae31-6196b6570722",
|
|
||||||
"order": 11
|
|
||||||
},
|
|
||||||
"model": "authentik_flows.flowstagebinding",
|
|
||||||
"attrs": {
|
|
||||||
"re_evaluate_policies": false
|
|
||||||
}
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"identifiers": {
|
|
||||||
"pk": "76bc594e-2715-49ab-bd40-994abd9a7b70",
|
|
||||||
"target": "773c6673-e4a2-423f-8d32-95b7b4a41cf3",
|
|
||||||
"stage": "a4090add-f483-4ac6-8917-10b493ef843e",
|
|
||||||
"order": 20
|
|
||||||
},
|
|
||||||
"model": "authentik_flows.flowstagebinding",
|
|
||||||
"attrs": {
|
|
||||||
"re_evaluate_policies": false
|
|
||||||
}
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"identifiers": {
|
|
||||||
"pk": "2f324f6d-7646-4108-a6e2-e7f90985477f",
|
|
||||||
"target": "773c6673-e4a2-423f-8d32-95b7b4a41cf3",
|
|
||||||
"stage": "77090897-eb3f-40db-81e6-b4074b1998c4",
|
|
||||||
"order": 100
|
|
||||||
},
|
|
||||||
"model": "authentik_flows.flowstagebinding",
|
|
||||||
"attrs": {
|
|
||||||
"re_evaluate_policies": false
|
|
||||||
}
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
||||||
|
|
|
@ -1,215 +1,146 @@
|
||||||
{
|
version: 1
|
||||||
"version": 1,
|
entries:
|
||||||
"entries": [
|
- identifiers:
|
||||||
{
|
pk: 773c6673-e4a2-423f-8d32-95b7b4a41cf3
|
||||||
"identifiers": {
|
slug: default-enrollment-flow
|
||||||
"pk": "773c6673-e4a2-423f-8d32-95b7b4a41cf3",
|
model: authentik_flows.flow
|
||||||
"slug": "default-enrollment-flow"
|
attrs:
|
||||||
},
|
name: Default enrollment Flow
|
||||||
"model": "authentik_flows.flow",
|
title: Welcome to authentik!
|
||||||
"attrs": {
|
designation: enrollment
|
||||||
"name": "Default enrollment Flow",
|
- identifiers:
|
||||||
"title": "Welcome to authentik!",
|
pk: cb954fd4-65a5-4ad9-b1ee-180ee9559cf4
|
||||||
"designation": "enrollment"
|
model: authentik_stages_prompt.prompt
|
||||||
}
|
attrs:
|
||||||
},
|
field_key: username
|
||||||
{
|
label: Username
|
||||||
"identifiers": {
|
type: username
|
||||||
"pk": "cb954fd4-65a5-4ad9-b1ee-180ee9559cf4"
|
required: true
|
||||||
},
|
placeholder: Username
|
||||||
"model": "authentik_stages_prompt.prompt",
|
order: 0
|
||||||
"attrs": {
|
- identifiers:
|
||||||
"field_key": "username",
|
pk: 7db91ee8-4290-4e08-8d39-63f132402515
|
||||||
"label": "Username",
|
model: authentik_stages_prompt.prompt
|
||||||
"type": "username",
|
attrs:
|
||||||
"required": true,
|
field_key: password
|
||||||
"placeholder": "Username",
|
label: Password
|
||||||
"order": 0
|
type: password
|
||||||
}
|
required: true
|
||||||
},
|
placeholder: Password
|
||||||
{
|
order: 0
|
||||||
"identifiers": {
|
- identifiers:
|
||||||
"pk": "7db91ee8-4290-4e08-8d39-63f132402515"
|
pk: d30b5eb4-7787-4072-b1ba-65b46e928920
|
||||||
},
|
model: authentik_stages_prompt.prompt
|
||||||
"model": "authentik_stages_prompt.prompt",
|
attrs:
|
||||||
"attrs": {
|
field_key: password_repeat
|
||||||
"field_key": "password",
|
label: Password (repeat)
|
||||||
"label": "Password",
|
type: password
|
||||||
"type": "password",
|
required: true
|
||||||
"required": true,
|
placeholder: Password (repeat)
|
||||||
"placeholder": "Password",
|
order: 1
|
||||||
"order": 0
|
- identifiers:
|
||||||
}
|
pk: f78d977a-efa6-4cc2-9a0f-2621a9fd94d2
|
||||||
},
|
model: authentik_stages_prompt.prompt
|
||||||
{
|
attrs:
|
||||||
"identifiers": {
|
field_key: name
|
||||||
"pk": "d30b5eb4-7787-4072-b1ba-65b46e928920"
|
label: Name
|
||||||
},
|
type: text
|
||||||
"model": "authentik_stages_prompt.prompt",
|
required: true
|
||||||
"attrs": {
|
placeholder: Name
|
||||||
"field_key": "password_repeat",
|
order: 0
|
||||||
"label": "Password (repeat)",
|
- identifiers:
|
||||||
"type": "password",
|
pk: 1ff91927-e33d-4615-95b0-c258e5f0df62
|
||||||
"required": true,
|
model: authentik_stages_prompt.prompt
|
||||||
"placeholder": "Password (repeat)",
|
attrs:
|
||||||
"order": 1
|
field_key: email
|
||||||
}
|
label: Email
|
||||||
},
|
type: email
|
||||||
{
|
required: true
|
||||||
"identifiers": {
|
placeholder: Email
|
||||||
"pk": "f78d977a-efa6-4cc2-9a0f-2621a9fd94d2"
|
order: 1
|
||||||
},
|
- identifiers:
|
||||||
"model": "authentik_stages_prompt.prompt",
|
pk: 096e6282-6b30-4695-bd03-3b143eab5580
|
||||||
"attrs": {
|
name: default-enrollment-email-verification
|
||||||
"field_key": "name",
|
model: authentik_stages_email.emailstage
|
||||||
"label": "Name",
|
attrs:
|
||||||
"type": "text",
|
use_global_settings: true
|
||||||
"required": true,
|
host: localhost
|
||||||
"placeholder": "Name",
|
port: 25
|
||||||
"order": 0
|
username: ""
|
||||||
}
|
use_tls: false
|
||||||
},
|
use_ssl: false
|
||||||
{
|
timeout: 10
|
||||||
"identifiers": {
|
from_address: system@authentik.local
|
||||||
"pk": "1ff91927-e33d-4615-95b0-c258e5f0df62"
|
token_expiry: 30
|
||||||
},
|
subject: authentik
|
||||||
"model": "authentik_stages_prompt.prompt",
|
template: email/account_confirmation.html
|
||||||
"attrs": {
|
activate_user_on_success: true
|
||||||
"field_key": "email",
|
- identifiers:
|
||||||
"label": "Email",
|
pk: 6c342b94-790d-425a-ae31-6196b6570722
|
||||||
"type": "email",
|
name: default-enrollment-prompt-second
|
||||||
"required": true,
|
model: authentik_stages_prompt.promptstage
|
||||||
"placeholder": "Email",
|
attrs:
|
||||||
"order": 1
|
fields:
|
||||||
}
|
- f78d977a-efa6-4cc2-9a0f-2621a9fd94d2
|
||||||
},
|
- 1ff91927-e33d-4615-95b0-c258e5f0df62
|
||||||
{
|
- identifiers:
|
||||||
"identifiers": {
|
pk: 20375f30-7fa7-4562-8f6e-0f61889f2963
|
||||||
"pk": "096e6282-6b30-4695-bd03-3b143eab5580",
|
name: default-enrollment-prompt-first
|
||||||
"name": "default-enrollment-email-verification"
|
model: authentik_stages_prompt.promptstage
|
||||||
},
|
attrs:
|
||||||
"model": "authentik_stages_email.emailstage",
|
fields:
|
||||||
"attrs": {
|
- cb954fd4-65a5-4ad9-b1ee-180ee9559cf4
|
||||||
"use_global_settings": true,
|
- 7db91ee8-4290-4e08-8d39-63f132402515
|
||||||
"host": "localhost",
|
- d30b5eb4-7787-4072-b1ba-65b46e928920
|
||||||
"port": 25,
|
- identifiers:
|
||||||
"username": "",
|
pk: 77090897-eb3f-40db-81e6-b4074b1998c4
|
||||||
"use_tls": false,
|
name: default-enrollment-user-login
|
||||||
"use_ssl": false,
|
model: authentik_stages_user_login.userloginstage
|
||||||
"timeout": 10,
|
attrs:
|
||||||
"from_address": "system@authentik.local",
|
session_duration: seconds=0
|
||||||
"token_expiry": 30,
|
- identifiers:
|
||||||
"subject": "authentik",
|
pk: a4090add-f483-4ac6-8917-10b493ef843e
|
||||||
"template": "email/account_confirmation.html",
|
name: default-enrollment-user-write
|
||||||
"activate_user_on_success": true
|
model: authentik_stages_user_write.userwritestage
|
||||||
}
|
attrs:
|
||||||
},
|
create_users_as_inactive: true
|
||||||
{
|
- identifiers:
|
||||||
"identifiers": {
|
pk: 34e1e7d5-8eed-4549-bc7a-305069ff7df0
|
||||||
"pk": "6c342b94-790d-425a-ae31-6196b6570722",
|
target: 773c6673-e4a2-423f-8d32-95b7b4a41cf3
|
||||||
"name": "default-enrollment-prompt-second"
|
stage: 20375f30-7fa7-4562-8f6e-0f61889f2963
|
||||||
},
|
order: 10
|
||||||
"model": "authentik_stages_prompt.promptstage",
|
model: authentik_flows.flowstagebinding
|
||||||
"attrs": {
|
attrs:
|
||||||
"fields": [
|
re_evaluate_policies: false
|
||||||
"f78d977a-efa6-4cc2-9a0f-2621a9fd94d2",
|
- identifiers:
|
||||||
"1ff91927-e33d-4615-95b0-c258e5f0df62"
|
pk: e40467a6-3052-488c-a1b5-1ad7a80fe7b3
|
||||||
]
|
target: 773c6673-e4a2-423f-8d32-95b7b4a41cf3
|
||||||
}
|
stage: 6c342b94-790d-425a-ae31-6196b6570722
|
||||||
},
|
order: 11
|
||||||
{
|
model: authentik_flows.flowstagebinding
|
||||||
"identifiers": {
|
attrs:
|
||||||
"pk": "20375f30-7fa7-4562-8f6e-0f61889f2963",
|
re_evaluate_policies: false
|
||||||
"name": "default-enrollment-prompt-first"
|
- identifiers:
|
||||||
},
|
pk: 76bc594e-2715-49ab-bd40-994abd9a7b70
|
||||||
"model": "authentik_stages_prompt.promptstage",
|
target: 773c6673-e4a2-423f-8d32-95b7b4a41cf3
|
||||||
"attrs": {
|
stage: a4090add-f483-4ac6-8917-10b493ef843e
|
||||||
"fields": [
|
order: 20
|
||||||
"cb954fd4-65a5-4ad9-b1ee-180ee9559cf4",
|
model: authentik_flows.flowstagebinding
|
||||||
"7db91ee8-4290-4e08-8d39-63f132402515",
|
attrs:
|
||||||
"d30b5eb4-7787-4072-b1ba-65b46e928920"
|
re_evaluate_policies: false
|
||||||
]
|
- identifiers:
|
||||||
}
|
pk: 1db34a14-8985-4184-b5c9-254cd585d94f
|
||||||
},
|
target: 773c6673-e4a2-423f-8d32-95b7b4a41cf3
|
||||||
{
|
stage: 096e6282-6b30-4695-bd03-3b143eab5580
|
||||||
"identifiers": {
|
order: 30
|
||||||
"pk": "77090897-eb3f-40db-81e6-b4074b1998c4",
|
model: authentik_flows.flowstagebinding
|
||||||
"name": "default-enrollment-user-login"
|
attrs:
|
||||||
},
|
re_evaluate_policies: false
|
||||||
"model": "authentik_stages_user_login.userloginstage",
|
- identifiers:
|
||||||
"attrs": {
|
pk: 2f324f6d-7646-4108-a6e2-e7f90985477f
|
||||||
"session_duration": "seconds=0"
|
target: 773c6673-e4a2-423f-8d32-95b7b4a41cf3
|
||||||
}
|
stage: 77090897-eb3f-40db-81e6-b4074b1998c4
|
||||||
},
|
order: 40
|
||||||
{
|
model: authentik_flows.flowstagebinding
|
||||||
"identifiers": {
|
attrs:
|
||||||
"pk": "a4090add-f483-4ac6-8917-10b493ef843e",
|
re_evaluate_policies: false
|
||||||
"name": "default-enrollment-user-write"
|
|
||||||
},
|
|
||||||
"model": "authentik_stages_user_write.userwritestage",
|
|
||||||
"attrs": {
|
|
||||||
"create_users_as_inactive": true
|
|
||||||
}
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"identifiers": {
|
|
||||||
"pk": "34e1e7d5-8eed-4549-bc7a-305069ff7df0",
|
|
||||||
"target": "773c6673-e4a2-423f-8d32-95b7b4a41cf3",
|
|
||||||
"stage": "20375f30-7fa7-4562-8f6e-0f61889f2963",
|
|
||||||
"order": 10
|
|
||||||
},
|
|
||||||
"model": "authentik_flows.flowstagebinding",
|
|
||||||
"attrs": {
|
|
||||||
"re_evaluate_policies": false
|
|
||||||
}
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"identifiers": {
|
|
||||||
"pk": "e40467a6-3052-488c-a1b5-1ad7a80fe7b3",
|
|
||||||
"target": "773c6673-e4a2-423f-8d32-95b7b4a41cf3",
|
|
||||||
"stage": "6c342b94-790d-425a-ae31-6196b6570722",
|
|
||||||
"order": 11
|
|
||||||
},
|
|
||||||
"model": "authentik_flows.flowstagebinding",
|
|
||||||
"attrs": {
|
|
||||||
"re_evaluate_policies": false
|
|
||||||
}
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"identifiers": {
|
|
||||||
"pk": "76bc594e-2715-49ab-bd40-994abd9a7b70",
|
|
||||||
"target": "773c6673-e4a2-423f-8d32-95b7b4a41cf3",
|
|
||||||
"stage": "a4090add-f483-4ac6-8917-10b493ef843e",
|
|
||||||
"order": 20
|
|
||||||
},
|
|
||||||
"model": "authentik_flows.flowstagebinding",
|
|
||||||
"attrs": {
|
|
||||||
"re_evaluate_policies": false
|
|
||||||
}
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"identifiers": {
|
|
||||||
"pk": "1db34a14-8985-4184-b5c9-254cd585d94f",
|
|
||||||
"target": "773c6673-e4a2-423f-8d32-95b7b4a41cf3",
|
|
||||||
"stage": "096e6282-6b30-4695-bd03-3b143eab5580",
|
|
||||||
"order": 30
|
|
||||||
},
|
|
||||||
"model": "authentik_flows.flowstagebinding",
|
|
||||||
"attrs": {
|
|
||||||
"re_evaluate_policies": false
|
|
||||||
}
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"identifiers": {
|
|
||||||
"pk": "2f324f6d-7646-4108-a6e2-e7f90985477f",
|
|
||||||
"target": "773c6673-e4a2-423f-8d32-95b7b4a41cf3",
|
|
||||||
"stage": "77090897-eb3f-40db-81e6-b4074b1998c4",
|
|
||||||
"order": 40
|
|
||||||
},
|
|
||||||
"model": "authentik_flows.flowstagebinding",
|
|
||||||
"attrs": {
|
|
||||||
"re_evaluate_policies": false
|
|
||||||
}
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
||||||
|
|
|
@ -1,139 +1,94 @@
|
||||||
{
|
version: 1
|
||||||
"version": 1,
|
entries:
|
||||||
"entries": [
|
- identifiers:
|
||||||
{
|
slug: default-authentication-flow
|
||||||
"identifiers": {
|
pk: 563ece21-e9a4-47e5-a264-23ffd923e393
|
||||||
"slug": "default-authentication-flow",
|
model: authentik_flows.flow
|
||||||
"pk": "563ece21-e9a4-47e5-a264-23ffd923e393"
|
attrs:
|
||||||
},
|
name: Default Authentication Flow
|
||||||
"model": "authentik_flows.flow",
|
title: Welcome to authentik!
|
||||||
"attrs": {
|
designation: authentication
|
||||||
"name": "Default Authentication Flow",
|
- identifiers:
|
||||||
"title": "Welcome to authentik!",
|
pk: 7db93f1e-788b-4af6-8dc6-5cdeb59d8be7
|
||||||
"designation": "authentication"
|
model: authentik_policies_expression.expressionpolicy
|
||||||
}
|
attrs:
|
||||||
},
|
name: test-not-app-password
|
||||||
{
|
execution_logging: false
|
||||||
"identifiers": {
|
bound_to: 1
|
||||||
"pk": "7db93f1e-788b-4af6-8dc6-5cdeb59d8be7"
|
expression: return context["auth_method"] != "app_password"
|
||||||
},
|
- identifiers:
|
||||||
"model": "authentik_policies_expression.expressionpolicy",
|
pk: 69d41125-3987-499b-8d74-ef27b54b88c8
|
||||||
"attrs": {
|
name: default-authentication-login
|
||||||
"name": "test-not-app-password",
|
model: authentik_stages_user_login.userloginstage
|
||||||
"execution_logging": false,
|
attrs:
|
||||||
"bound_to": 1,
|
session_duration: seconds=0
|
||||||
"expression": "return context[\"auth_method\"] != \"app_password\""
|
- identifiers:
|
||||||
}
|
pk: 5f594f27-0def-488d-9855-fe604eb13de5
|
||||||
},
|
name: default-authentication-identification
|
||||||
{
|
model: authentik_stages_identification.identificationstage
|
||||||
"identifiers": {
|
attrs:
|
||||||
"pk": "69d41125-3987-499b-8d74-ef27b54b88c8",
|
user_fields:
|
||||||
"name": "default-authentication-login"
|
- email
|
||||||
},
|
- username
|
||||||
"model": "authentik_stages_user_login.userloginstage",
|
template: stages/identification/login.html
|
||||||
"attrs": {
|
enrollment_flow: null
|
||||||
"session_duration": "seconds=0"
|
recovery_flow: null
|
||||||
}
|
- identifiers:
|
||||||
},
|
pk: 37f709c3-8817-45e8-9a93-80a925d293c2
|
||||||
{
|
name: default-authentication-flow-mfa
|
||||||
"identifiers": {
|
model: authentik_stages_authenticator_validate.AuthenticatorValidateStage
|
||||||
"pk": "5f594f27-0def-488d-9855-fe604eb13de5",
|
attrs: {}
|
||||||
"name": "default-authentication-identification"
|
- identifiers:
|
||||||
},
|
pk: d8affa62-500c-4c5c-a01f-5835e1ffdf40
|
||||||
"model": "authentik_stages_identification.identificationstage",
|
name: default-authentication-password
|
||||||
"attrs": {
|
model: authentik_stages_password.passwordstage
|
||||||
"user_fields": ["email", "username"],
|
attrs:
|
||||||
"template": "stages/identification/login.html",
|
backends:
|
||||||
"enrollment_flow": null,
|
- authentik.core.auth.InbuiltBackend
|
||||||
"recovery_flow": null
|
- authentik.core.auth.TokenBackend
|
||||||
}
|
- authentik.sources.ldap.auth.LDAPBackend
|
||||||
},
|
- identifiers:
|
||||||
{
|
pk: a3056482-b692-4e3a-93f1-7351c6a351c7
|
||||||
"identifiers": {
|
target: 563ece21-e9a4-47e5-a264-23ffd923e393
|
||||||
"pk": "37f709c3-8817-45e8-9a93-80a925d293c2",
|
stage: 5f594f27-0def-488d-9855-fe604eb13de5
|
||||||
"name": "default-authentication-flow-mfa"
|
order: 10
|
||||||
},
|
model: authentik_flows.flowstagebinding
|
||||||
"model": "authentik_stages_authenticator_validate.AuthenticatorValidateStage",
|
attrs:
|
||||||
"attrs": {}
|
re_evaluate_policies: false
|
||||||
},
|
- identifiers:
|
||||||
{
|
pk: 4e8538cf-3e18-4a68-82ae-6df6725fa2e6
|
||||||
"identifiers": {
|
target: 563ece21-e9a4-47e5-a264-23ffd923e393
|
||||||
"pk": "d8affa62-500c-4c5c-a01f-5835e1ffdf40",
|
stage: d8affa62-500c-4c5c-a01f-5835e1ffdf40
|
||||||
"name": "default-authentication-password"
|
order: 20
|
||||||
},
|
model: authentik_flows.flowstagebinding
|
||||||
"model": "authentik_stages_password.passwordstage",
|
attrs:
|
||||||
"attrs": {
|
re_evaluate_policies: false
|
||||||
"backends": [
|
- identifiers:
|
||||||
"authentik.core.auth.InbuiltBackend",
|
pk: 688aec6f-5622-42c6-83a5-d22072d7e798
|
||||||
"authentik.core.auth.TokenBackend",
|
target: 563ece21-e9a4-47e5-a264-23ffd923e393
|
||||||
"authentik.sources.ldap.auth.LDAPBackend"
|
stage: 37f709c3-8817-45e8-9a93-80a925d293c2
|
||||||
]
|
order: 30
|
||||||
}
|
model: authentik_flows.flowstagebinding
|
||||||
},
|
attrs:
|
||||||
{
|
evaluate_on_plan: false
|
||||||
"identifiers": {
|
re_evaluate_policies: true
|
||||||
"pk": "a3056482-b692-4e3a-93f1-7351c6a351c7",
|
policy_engine_mode: any
|
||||||
"target": "563ece21-e9a4-47e5-a264-23ffd923e393",
|
invalid_response_action: retry
|
||||||
"stage": "5f594f27-0def-488d-9855-fe604eb13de5",
|
- identifiers:
|
||||||
"order": 10
|
pk: f3fede3a-a9b5-4232-9ec7-be7ff4194b27
|
||||||
},
|
target: 563ece21-e9a4-47e5-a264-23ffd923e393
|
||||||
"model": "authentik_flows.flowstagebinding",
|
stage: 69d41125-3987-499b-8d74-ef27b54b88c8
|
||||||
"attrs": {
|
order: 100
|
||||||
"re_evaluate_policies": false
|
model: authentik_flows.flowstagebinding
|
||||||
}
|
attrs:
|
||||||
},
|
re_evaluate_policies: false
|
||||||
{
|
- identifiers:
|
||||||
"identifiers": {
|
pk: 6e40ae4d-a4ed-4bd7-a784-27b1fe5859d2
|
||||||
"pk": "4e8538cf-3e18-4a68-82ae-6df6725fa2e6",
|
policy: 7db93f1e-788b-4af6-8dc6-5cdeb59d8be7
|
||||||
"target": "563ece21-e9a4-47e5-a264-23ffd923e393",
|
target: 688aec6f-5622-42c6-83a5-d22072d7e798
|
||||||
"stage": "d8affa62-500c-4c5c-a01f-5835e1ffdf40",
|
order: 0
|
||||||
"order": 20
|
model: authentik_policies.policybinding
|
||||||
},
|
attrs:
|
||||||
"model": "authentik_flows.flowstagebinding",
|
negate: false
|
||||||
"attrs": {
|
enabled: true
|
||||||
"re_evaluate_policies": false
|
timeout: 30
|
||||||
}
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"identifiers": {
|
|
||||||
"pk": "688aec6f-5622-42c6-83a5-d22072d7e798",
|
|
||||||
"target": "563ece21-e9a4-47e5-a264-23ffd923e393",
|
|
||||||
"stage": "37f709c3-8817-45e8-9a93-80a925d293c2",
|
|
||||||
"order": 30
|
|
||||||
},
|
|
||||||
"model": "authentik_flows.flowstagebinding",
|
|
||||||
"attrs": {
|
|
||||||
"evaluate_on_plan": false,
|
|
||||||
"re_evaluate_policies": true,
|
|
||||||
"policy_engine_mode": "any",
|
|
||||||
"invalid_response_action": "retry"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"identifiers": {
|
|
||||||
"pk": "f3fede3a-a9b5-4232-9ec7-be7ff4194b27",
|
|
||||||
"target": "563ece21-e9a4-47e5-a264-23ffd923e393",
|
|
||||||
"stage": "69d41125-3987-499b-8d74-ef27b54b88c8",
|
|
||||||
"order": 100
|
|
||||||
},
|
|
||||||
"model": "authentik_flows.flowstagebinding",
|
|
||||||
"attrs": {
|
|
||||||
"re_evaluate_policies": false
|
|
||||||
}
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"identifiers": {
|
|
||||||
"pk": "6e40ae4d-a4ed-4bd7-a784-27b1fe5859d2",
|
|
||||||
"policy": "7db93f1e-788b-4af6-8dc6-5cdeb59d8be7",
|
|
||||||
"target": "688aec6f-5622-42c6-83a5-d22072d7e798",
|
|
||||||
"order": 0
|
|
||||||
},
|
|
||||||
"model": "authentik_policies.policybinding",
|
|
||||||
"attrs": {
|
|
||||||
"negate": false,
|
|
||||||
"enabled": true,
|
|
||||||
"timeout": 30
|
|
||||||
}
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
||||||
|
|
|
@ -1,139 +1,93 @@
|
||||||
{
|
version: 1
|
||||||
"version": 1,
|
entries:
|
||||||
"entries": [
|
- identifiers:
|
||||||
{
|
slug: default-authentication-flow
|
||||||
"identifiers": {
|
pk: 563ece21-e9a4-47e5-a264-23ffd923e393
|
||||||
"slug": "default-authentication-flow",
|
model: authentik_flows.flow
|
||||||
"pk": "563ece21-e9a4-47e5-a264-23ffd923e393"
|
attrs:
|
||||||
},
|
name: Default Authentication Flow
|
||||||
"model": "authentik_flows.flow",
|
title: Welcome to authentik!
|
||||||
"attrs": {
|
designation: authentication
|
||||||
"name": "Default Authentication Flow",
|
- identifiers:
|
||||||
"title": "Welcome to authentik!",
|
name: default-authentication-login
|
||||||
"designation": "authentication"
|
pk: 69d41125-3987-499b-8d74-ef27b54b88c8
|
||||||
}
|
model: authentik_stages_user_login.userloginstage
|
||||||
},
|
attrs:
|
||||||
{
|
session_duration: seconds=0
|
||||||
"identifiers": {
|
- identifiers:
|
||||||
"name": "default-authentication-login",
|
name: default-authentication-flow-captcha
|
||||||
"pk": "69d41125-3987-499b-8d74-ef27b54b88c8"
|
pk: a368cafc-1494-45e9-b75b-b5e7ac2bd3e4
|
||||||
},
|
model: authentik_stages_captcha.captchastage
|
||||||
"model": "authentik_stages_user_login.userloginstage",
|
attrs:
|
||||||
"attrs": {
|
public_key: 6LeIxAcTAAAAAJcZVRqyHh71UMIEGNQ_MXjiZKhI
|
||||||
"session_duration": "seconds=0"
|
private_key: 6LeIxAcTAAAAAGG-vFI1TnRWxMZNFuojJ4WifJWe
|
||||||
}
|
- identifiers:
|
||||||
},
|
name: default-authentication-identification
|
||||||
{
|
pk: 5f594f27-0def-488d-9855-fe604eb13de5
|
||||||
"identifiers": {
|
model: authentik_stages_identification.identificationstage
|
||||||
"name": "default-authentication-flow-captcha",
|
attrs:
|
||||||
"pk": "a368cafc-1494-45e9-b75b-b5e7ac2bd3e4"
|
user_fields:
|
||||||
},
|
- email
|
||||||
"model": "authentik_stages_captcha.captchastage",
|
- username
|
||||||
"attrs": {
|
template: stages/identification/login.html
|
||||||
"public_key": "6LeIxAcTAAAAAJcZVRqyHh71UMIEGNQ_MXjiZKhI",
|
enrollment_flow: null
|
||||||
"private_key": "6LeIxAcTAAAAAGG-vFI1TnRWxMZNFuojJ4WifJWe"
|
recovery_flow: null
|
||||||
}
|
- identifiers:
|
||||||
},
|
name: default-authentication-password
|
||||||
{
|
pk: d8affa62-500c-4c5c-a01f-5835e1ffdf40
|
||||||
"identifiers": {
|
model: authentik_stages_password.passwordstage
|
||||||
"name": "default-authentication-identification",
|
attrs:
|
||||||
"pk": "5f594f27-0def-488d-9855-fe604eb13de5"
|
backends:
|
||||||
},
|
- authentik.core.auth.InbuiltBackend
|
||||||
"model": "authentik_stages_identification.identificationstage",
|
- authentik.core.auth.TokenBackend
|
||||||
"attrs": {
|
- authentik.sources.ldap.auth.LDAPBackend
|
||||||
"user_fields": ["email", "username"],
|
- identifiers:
|
||||||
"template": "stages/identification/login.html",
|
pk: a3056482-b692-4e3a-93f1-7351c6a351c7
|
||||||
"enrollment_flow": null,
|
target: 563ece21-e9a4-47e5-a264-23ffd923e393
|
||||||
"recovery_flow": null
|
stage: 5f594f27-0def-488d-9855-fe604eb13de5
|
||||||
}
|
order: 10
|
||||||
},
|
model: authentik_flows.flowstagebinding
|
||||||
{
|
attrs:
|
||||||
"identifiers": {
|
re_evaluate_policies: false
|
||||||
"name": "default-authentication-password",
|
- identifiers:
|
||||||
"pk": "d8affa62-500c-4c5c-a01f-5835e1ffdf40"
|
pk: 4e8538cf-3e18-4a68-82ae-6df6725fa2e6
|
||||||
},
|
target: 563ece21-e9a4-47e5-a264-23ffd923e393
|
||||||
"model": "authentik_stages_password.passwordstage",
|
stage: d8affa62-500c-4c5c-a01f-5835e1ffdf40
|
||||||
"attrs": {
|
order: 20
|
||||||
"backends": [
|
model: authentik_flows.flowstagebinding
|
||||||
"authentik.core.auth.InbuiltBackend",
|
attrs:
|
||||||
"authentik.core.auth.TokenBackend",
|
re_evaluate_policies: false
|
||||||
"authentik.sources.ldap.auth.LDAPBackend"
|
- identifiers:
|
||||||
]
|
pk: 3bcd6af0-48a6-4e18-87f3-d251a1a58226
|
||||||
}
|
target: 563ece21-e9a4-47e5-a264-23ffd923e393
|
||||||
},
|
stage: a368cafc-1494-45e9-b75b-b5e7ac2bd3e4
|
||||||
{
|
order: 30
|
||||||
"identifiers": {
|
model: authentik_flows.flowstagebinding
|
||||||
"pk": "a3056482-b692-4e3a-93f1-7351c6a351c7",
|
attrs:
|
||||||
"target": "563ece21-e9a4-47e5-a264-23ffd923e393",
|
evaluate_on_plan: false
|
||||||
"stage": "5f594f27-0def-488d-9855-fe604eb13de5",
|
re_evaluate_policies: true
|
||||||
"order": 10
|
- identifiers:
|
||||||
},
|
pk: f3fede3a-a9b5-4232-9ec7-be7ff4194b27
|
||||||
"model": "authentik_flows.flowstagebinding",
|
target: 563ece21-e9a4-47e5-a264-23ffd923e393
|
||||||
"attrs": {
|
stage: 69d41125-3987-499b-8d74-ef27b54b88c8
|
||||||
"re_evaluate_policies": false
|
order: 100
|
||||||
}
|
model: authentik_flows.flowstagebinding
|
||||||
},
|
attrs:
|
||||||
{
|
re_evaluate_policies: false
|
||||||
"identifiers": {
|
- identifiers:
|
||||||
"pk": "4e8538cf-3e18-4a68-82ae-6df6725fa2e6",
|
pk: 688c9890-47ad-4327-a9e5-380e88d34be5
|
||||||
"target": "563ece21-e9a4-47e5-a264-23ffd923e393",
|
model: authentik_policies_reputation.reputationpolicy
|
||||||
"stage": "d8affa62-500c-4c5c-a01f-5835e1ffdf40",
|
attrs:
|
||||||
"order": 20
|
name: default-authentication-flow-conditional-captcha
|
||||||
},
|
check_ip: true
|
||||||
"model": "authentik_flows.flowstagebinding",
|
check_username: true
|
||||||
"attrs": {
|
threshold: -5
|
||||||
"re_evaluate_policies": false
|
- identifiers:
|
||||||
}
|
pk: 02e4d220-3448-44db-822e-c5255cf7c250
|
||||||
},
|
policy: 688c9890-47ad-4327-a9e5-380e88d34be5
|
||||||
{
|
target: 3bcd6af0-48a6-4e18-87f3-d251a1a58226
|
||||||
"identifiers": {
|
order: 0
|
||||||
"pk": "3bcd6af0-48a6-4e18-87f3-d251a1a58226",
|
model: authentik_policies.policybinding
|
||||||
"target": "563ece21-e9a4-47e5-a264-23ffd923e393",
|
attrs:
|
||||||
"stage": "a368cafc-1494-45e9-b75b-b5e7ac2bd3e4",
|
enabled: true
|
||||||
"order": 30
|
timeout: 30
|
||||||
},
|
|
||||||
"model": "authentik_flows.flowstagebinding",
|
|
||||||
"attrs": {
|
|
||||||
"evaluate_on_plan": false,
|
|
||||||
"re_evaluate_policies": true
|
|
||||||
}
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"identifiers": {
|
|
||||||
"pk": "f3fede3a-a9b5-4232-9ec7-be7ff4194b27",
|
|
||||||
"target": "563ece21-e9a4-47e5-a264-23ffd923e393",
|
|
||||||
"stage": "69d41125-3987-499b-8d74-ef27b54b88c8",
|
|
||||||
"order": 100
|
|
||||||
},
|
|
||||||
"model": "authentik_flows.flowstagebinding",
|
|
||||||
"attrs": {
|
|
||||||
"re_evaluate_policies": false
|
|
||||||
}
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"identifiers": {
|
|
||||||
"pk": "688c9890-47ad-4327-a9e5-380e88d34be5"
|
|
||||||
},
|
|
||||||
"model": "authentik_policies_reputation.reputationpolicy",
|
|
||||||
"attrs": {
|
|
||||||
"name": "default-authentication-flow-conditional-captcha",
|
|
||||||
"check_ip": true,
|
|
||||||
"check_username": true,
|
|
||||||
"threshold": -5
|
|
||||||
}
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"identifiers": {
|
|
||||||
"pk": "02e4d220-3448-44db-822e-c5255cf7c250",
|
|
||||||
"policy": "688c9890-47ad-4327-a9e5-380e88d34be5",
|
|
||||||
"target": "3bcd6af0-48a6-4e18-87f3-d251a1a58226",
|
|
||||||
"order": 0
|
|
||||||
},
|
|
||||||
"model": "authentik_policies.policybinding",
|
|
||||||
"attrs": {
|
|
||||||
"enabled": true,
|
|
||||||
"timeout": 30
|
|
||||||
}
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
||||||
|
|
|
@ -1,258 +1,185 @@
|
||||||
{
|
version: 1
|
||||||
"version": 1,
|
entries:
|
||||||
"entries": [
|
- identifiers:
|
||||||
{
|
pk: a5993183-89c0-43d2-a7f4-ddffb17baba7
|
||||||
"identifiers": {
|
slug: default-recovery-flow
|
||||||
"pk": "a5993183-89c0-43d2-a7f4-ddffb17baba7",
|
model: authentik_flows.flow
|
||||||
"slug": "default-recovery-flow"
|
attrs:
|
||||||
},
|
name: Default recovery flow
|
||||||
"model": "authentik_flows.flow",
|
title: Reset your password
|
||||||
"attrs": {
|
designation: recovery
|
||||||
"name": "Default recovery flow",
|
cache_count: 0
|
||||||
"title": "Reset your password",
|
policy_engine_mode: any
|
||||||
"designation": "recovery",
|
compatibility_mode: false
|
||||||
"cache_count": 0,
|
layout: stacked
|
||||||
"policy_engine_mode": "any",
|
- identifiers:
|
||||||
"compatibility_mode": false,
|
pk: 7db91ee8-4290-4e08-8d39-63f132402515
|
||||||
"layout": "stacked"
|
model: authentik_stages_prompt.prompt
|
||||||
}
|
attrs:
|
||||||
},
|
field_key: password
|
||||||
{
|
label: Password
|
||||||
"identifiers": {
|
type: password
|
||||||
"pk": "7db91ee8-4290-4e08-8d39-63f132402515"
|
required: true
|
||||||
},
|
placeholder: Password
|
||||||
"model": "authentik_stages_prompt.prompt",
|
order: 0
|
||||||
"attrs": {
|
sub_text: ""
|
||||||
"field_key": "password",
|
placeholder_expression: false
|
||||||
"label": "Password",
|
- identifiers:
|
||||||
"type": "password",
|
pk: d30b5eb4-7787-4072-b1ba-65b46e928920
|
||||||
"required": true,
|
model: authentik_stages_prompt.prompt
|
||||||
"placeholder": "Password",
|
attrs:
|
||||||
"order": 0,
|
field_key: password_repeat
|
||||||
"sub_text": "",
|
label: Password (repeat)
|
||||||
"placeholder_expression": false
|
type: password
|
||||||
}
|
required: true
|
||||||
},
|
placeholder: Password (repeat)
|
||||||
{
|
order: 1
|
||||||
"identifiers": {
|
sub_text: ""
|
||||||
"pk": "d30b5eb4-7787-4072-b1ba-65b46e928920"
|
placeholder_expression: false
|
||||||
},
|
- identifiers:
|
||||||
"model": "authentik_stages_prompt.prompt",
|
pk: 1c5709ae-1b3e-413a-a117-260ab509bf5c
|
||||||
"attrs": {
|
model: authentik_policies_expression.expressionpolicy
|
||||||
"field_key": "password_repeat",
|
attrs:
|
||||||
"label": "Password (repeat)",
|
name: default-recovery-skip-if-restored
|
||||||
"type": "password",
|
execution_logging: false
|
||||||
"required": true,
|
bound_to: 2
|
||||||
"placeholder": "Password (repeat)",
|
expression: return request.context.get('is_restored', False)
|
||||||
"order": 1,
|
- identifiers:
|
||||||
"sub_text": "",
|
pk: 1c5709ae-1b3e-413a-a117-260ab509bf5c
|
||||||
"placeholder_expression": false
|
model: authentik_policies_expression.expressionpolicy
|
||||||
}
|
attrs:
|
||||||
},
|
name: default-recovery-skip-if-restored
|
||||||
{
|
execution_logging: false
|
||||||
"identifiers": {
|
bound_to: 2
|
||||||
"pk": "1c5709ae-1b3e-413a-a117-260ab509bf5c"
|
expression: return request.context.get('is_restored', False)
|
||||||
},
|
- identifiers:
|
||||||
"model": "authentik_policies_expression.expressionpolicy",
|
pk: 4ac5719f-32c0-441c-8a7e-33c5ea0db7da
|
||||||
"attrs": {
|
name: default-recovery-email
|
||||||
"name": "default-recovery-skip-if-restored",
|
model: authentik_stages_email.emailstage
|
||||||
"execution_logging": false,
|
attrs:
|
||||||
"bound_to": 2,
|
use_global_settings: true
|
||||||
"expression": "return request.context.get('is_restored', False)"
|
host: localhost
|
||||||
}
|
port: 25
|
||||||
},
|
username: ""
|
||||||
{
|
use_tls: false
|
||||||
"identifiers": {
|
use_ssl: false
|
||||||
"pk": "1c5709ae-1b3e-413a-a117-260ab509bf5c"
|
timeout: 10
|
||||||
},
|
from_address: system@authentik.local
|
||||||
"model": "authentik_policies_expression.expressionpolicy",
|
token_expiry: 30
|
||||||
"attrs": {
|
subject: authentik
|
||||||
"name": "default-recovery-skip-if-restored",
|
template: email/password_reset.html
|
||||||
"execution_logging": false,
|
activate_user_on_success: true
|
||||||
"bound_to": 2,
|
- identifiers:
|
||||||
"expression": "return request.context.get('is_restored', False)"
|
pk: 68b25ad5-318a-496e-95a7-cf4d94247f0d
|
||||||
}
|
name: default-recovery-user-write
|
||||||
},
|
model: authentik_stages_user_write.userwritestage
|
||||||
{
|
attrs:
|
||||||
"identifiers": {
|
create_users_as_inactive: false
|
||||||
"pk": "4ac5719f-32c0-441c-8a7e-33c5ea0db7da",
|
create_users_group: null
|
||||||
"name": "default-recovery-email"
|
user_path_template: ""
|
||||||
},
|
- identifiers:
|
||||||
"model": "authentik_stages_email.emailstage",
|
pk: 94843ef6-28fe-4939-bd61-cd46bb34f1de
|
||||||
"attrs": {
|
name: default-recovery-identification
|
||||||
"use_global_settings": true,
|
model: authentik_stages_identification.identificationstage
|
||||||
"host": "localhost",
|
attrs:
|
||||||
"port": 25,
|
user_fields:
|
||||||
"username": "",
|
- email
|
||||||
"use_tls": false,
|
- username
|
||||||
"use_ssl": false,
|
password_stage: null
|
||||||
"timeout": 10,
|
case_insensitive_matching: true
|
||||||
"from_address": "system@authentik.local",
|
show_matched_user: true
|
||||||
"token_expiry": 30,
|
enrollment_flow: null
|
||||||
"subject": "authentik",
|
recovery_flow: null
|
||||||
"template": "email/password_reset.html",
|
passwordless_flow: null
|
||||||
"activate_user_on_success": true
|
sources: []
|
||||||
}
|
show_source_labels: false
|
||||||
},
|
- identifiers:
|
||||||
{
|
pk: e74230b2-82bc-4843-8b18-2c3a66a62d57
|
||||||
"identifiers": {
|
name: default-recovery-user-login
|
||||||
"pk": "68b25ad5-318a-496e-95a7-cf4d94247f0d",
|
model: authentik_stages_user_login.userloginstage
|
||||||
"name": "default-recovery-user-write"
|
attrs:
|
||||||
},
|
session_duration: seconds=0
|
||||||
"model": "authentik_stages_user_write.userwritestage",
|
- identifiers:
|
||||||
"attrs": {
|
pk: fa2d8d65-1809-4dcc-bdc0-56266e0f7971
|
||||||
"create_users_as_inactive": false,
|
name: Change your password
|
||||||
"create_users_group": null,
|
model: authentik_stages_prompt.promptstage
|
||||||
"user_path_template": ""
|
attrs:
|
||||||
}
|
fields:
|
||||||
},
|
- 7db91ee8-4290-4e08-8d39-63f132402515
|
||||||
{
|
- d30b5eb4-7787-4072-b1ba-65b46e928920
|
||||||
"identifiers": {
|
validation_policies: []
|
||||||
"pk": "94843ef6-28fe-4939-bd61-cd46bb34f1de",
|
- identifiers:
|
||||||
"name": "default-recovery-identification"
|
pk: 7af7558e-2196-4b9f-a08e-d38420b7cfbb
|
||||||
},
|
target: a5993183-89c0-43d2-a7f4-ddffb17baba7
|
||||||
"model": "authentik_stages_identification.identificationstage",
|
stage: 94843ef6-28fe-4939-bd61-cd46bb34f1de
|
||||||
"attrs": {
|
order: 10
|
||||||
"user_fields": [
|
model: authentik_flows.flowstagebinding
|
||||||
"email",
|
attrs:
|
||||||
"username"
|
evaluate_on_plan: true
|
||||||
],
|
re_evaluate_policies: true
|
||||||
"password_stage": null,
|
policy_engine_mode: any
|
||||||
"case_insensitive_matching": true,
|
invalid_response_action: retry
|
||||||
"show_matched_user": true,
|
- identifiers:
|
||||||
"enrollment_flow": null,
|
pk: 29446fd6-dd93-4e92-9830-2d81debad5ae
|
||||||
"recovery_flow": null,
|
target: a5993183-89c0-43d2-a7f4-ddffb17baba7
|
||||||
"passwordless_flow": null,
|
stage: 4ac5719f-32c0-441c-8a7e-33c5ea0db7da
|
||||||
"sources": [],
|
order: 20
|
||||||
"show_source_labels": false
|
model: authentik_flows.flowstagebinding
|
||||||
}
|
attrs:
|
||||||
},
|
evaluate_on_plan: true
|
||||||
{
|
re_evaluate_policies: true
|
||||||
"identifiers": {
|
policy_engine_mode: any
|
||||||
"pk": "e74230b2-82bc-4843-8b18-2c3a66a62d57",
|
invalid_response_action: retry
|
||||||
"name": "default-recovery-user-login"
|
- identifiers:
|
||||||
},
|
pk: 1219d06e-2c06-4c5b-a162-78e3959c6cf0
|
||||||
"model": "authentik_stages_user_login.userloginstage",
|
target: a5993183-89c0-43d2-a7f4-ddffb17baba7
|
||||||
"attrs": {
|
stage: fa2d8d65-1809-4dcc-bdc0-56266e0f7971
|
||||||
"session_duration": "seconds=0"
|
order: 30
|
||||||
}
|
model: authentik_flows.flowstagebinding
|
||||||
},
|
attrs:
|
||||||
{
|
evaluate_on_plan: true
|
||||||
"identifiers": {
|
re_evaluate_policies: false
|
||||||
"pk": "fa2d8d65-1809-4dcc-bdc0-56266e0f7971",
|
policy_engine_mode: any
|
||||||
"name": "Change your password"
|
invalid_response_action: retry
|
||||||
},
|
- identifiers:
|
||||||
"model": "authentik_stages_prompt.promptstage",
|
pk: 66de86ba-0707-46a0-8475-ff2e260d6935
|
||||||
"attrs": {
|
target: a5993183-89c0-43d2-a7f4-ddffb17baba7
|
||||||
"fields": [
|
stage: 68b25ad5-318a-496e-95a7-cf4d94247f0d
|
||||||
"7db91ee8-4290-4e08-8d39-63f132402515",
|
order: 40
|
||||||
"d30b5eb4-7787-4072-b1ba-65b46e928920"
|
model: authentik_flows.flowstagebinding
|
||||||
],
|
attrs:
|
||||||
"validation_policies": []
|
evaluate_on_plan: true
|
||||||
}
|
re_evaluate_policies: false
|
||||||
},
|
policy_engine_mode: any
|
||||||
{
|
invalid_response_action: retry
|
||||||
"identifiers": {
|
- identifiers:
|
||||||
"pk": "7af7558e-2196-4b9f-a08e-d38420b7cfbb",
|
pk: 9cec2334-d4a2-4895-a2b2-bc5ae4e9639a
|
||||||
"target": "a5993183-89c0-43d2-a7f4-ddffb17baba7",
|
target: a5993183-89c0-43d2-a7f4-ddffb17baba7
|
||||||
"stage": "94843ef6-28fe-4939-bd61-cd46bb34f1de",
|
stage: e74230b2-82bc-4843-8b18-2c3a66a62d57
|
||||||
"order": 10
|
order: 100
|
||||||
},
|
model: authentik_flows.flowstagebinding
|
||||||
"model": "authentik_flows.flowstagebinding",
|
attrs:
|
||||||
"attrs": {
|
evaluate_on_plan: true
|
||||||
"evaluate_on_plan": true,
|
re_evaluate_policies: false
|
||||||
"re_evaluate_policies": true,
|
policy_engine_mode: any
|
||||||
"policy_engine_mode": "any",
|
invalid_response_action: retry
|
||||||
"invalid_response_action": "retry"
|
- identifiers:
|
||||||
}
|
pk: 95aad215-8729-4177-953d-41ffbe86239e
|
||||||
},
|
policy: 1c5709ae-1b3e-413a-a117-260ab509bf5c
|
||||||
{
|
target: 7af7558e-2196-4b9f-a08e-d38420b7cfbb
|
||||||
"identifiers": {
|
order: 0
|
||||||
"pk": "29446fd6-dd93-4e92-9830-2d81debad5ae",
|
model: authentik_policies.policybinding
|
||||||
"target": "a5993183-89c0-43d2-a7f4-ddffb17baba7",
|
attrs:
|
||||||
"stage": "4ac5719f-32c0-441c-8a7e-33c5ea0db7da",
|
negate: false
|
||||||
"order": 20
|
enabled: true
|
||||||
},
|
timeout: 30
|
||||||
"model": "authentik_flows.flowstagebinding",
|
- identifiers:
|
||||||
"attrs": {
|
pk: a5454cbc-d2e4-403a-84af-6af999990b12
|
||||||
"evaluate_on_plan": true,
|
policy: 1c5709ae-1b3e-413a-a117-260ab509bf5c
|
||||||
"re_evaluate_policies": true,
|
target: 29446fd6-dd93-4e92-9830-2d81debad5ae
|
||||||
"policy_engine_mode": "any",
|
order: 0
|
||||||
"invalid_response_action": "retry"
|
model: authentik_policies.policybinding
|
||||||
}
|
attrs:
|
||||||
},
|
negate: false
|
||||||
{
|
enabled: true
|
||||||
"identifiers": {
|
timeout: 30
|
||||||
"pk": "1219d06e-2c06-4c5b-a162-78e3959c6cf0",
|
|
||||||
"target": "a5993183-89c0-43d2-a7f4-ddffb17baba7",
|
|
||||||
"stage": "fa2d8d65-1809-4dcc-bdc0-56266e0f7971",
|
|
||||||
"order": 30
|
|
||||||
},
|
|
||||||
"model": "authentik_flows.flowstagebinding",
|
|
||||||
"attrs": {
|
|
||||||
"evaluate_on_plan": true,
|
|
||||||
"re_evaluate_policies": false,
|
|
||||||
"policy_engine_mode": "any",
|
|
||||||
"invalid_response_action": "retry"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"identifiers": {
|
|
||||||
"pk": "66de86ba-0707-46a0-8475-ff2e260d6935",
|
|
||||||
"target": "a5993183-89c0-43d2-a7f4-ddffb17baba7",
|
|
||||||
"stage": "68b25ad5-318a-496e-95a7-cf4d94247f0d",
|
|
||||||
"order": 40
|
|
||||||
},
|
|
||||||
"model": "authentik_flows.flowstagebinding",
|
|
||||||
"attrs": {
|
|
||||||
"evaluate_on_plan": true,
|
|
||||||
"re_evaluate_policies": false,
|
|
||||||
"policy_engine_mode": "any",
|
|
||||||
"invalid_response_action": "retry"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"identifiers": {
|
|
||||||
"pk": "9cec2334-d4a2-4895-a2b2-bc5ae4e9639a",
|
|
||||||
"target": "a5993183-89c0-43d2-a7f4-ddffb17baba7",
|
|
||||||
"stage": "e74230b2-82bc-4843-8b18-2c3a66a62d57",
|
|
||||||
"order": 100
|
|
||||||
},
|
|
||||||
"model": "authentik_flows.flowstagebinding",
|
|
||||||
"attrs": {
|
|
||||||
"evaluate_on_plan": true,
|
|
||||||
"re_evaluate_policies": false,
|
|
||||||
"policy_engine_mode": "any",
|
|
||||||
"invalid_response_action": "retry"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"identifiers": {
|
|
||||||
"pk": "95aad215-8729-4177-953d-41ffbe86239e",
|
|
||||||
"policy": "1c5709ae-1b3e-413a-a117-260ab509bf5c",
|
|
||||||
"target": "7af7558e-2196-4b9f-a08e-d38420b7cfbb",
|
|
||||||
"order": 0
|
|
||||||
},
|
|
||||||
"model": "authentik_policies.policybinding",
|
|
||||||
"attrs": {
|
|
||||||
"negate": false,
|
|
||||||
"enabled": true,
|
|
||||||
"timeout": 30
|
|
||||||
}
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"identifiers": {
|
|
||||||
"pk": "a5454cbc-d2e4-403a-84af-6af999990b12",
|
|
||||||
"policy": "1c5709ae-1b3e-413a-a117-260ab509bf5c",
|
|
||||||
"target": "29446fd6-dd93-4e92-9830-2d81debad5ae",
|
|
||||||
"order": 0
|
|
||||||
},
|
|
||||||
"model": "authentik_policies.policybinding",
|
|
||||||
"attrs": {
|
|
||||||
"negate": false,
|
|
||||||
"enabled": true,
|
|
||||||
"timeout": 30
|
|
||||||
}
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
||||||
|
|
|
@ -1,37 +1,23 @@
|
||||||
{
|
version: 1
|
||||||
"version": 1,
|
entries:
|
||||||
"entries": [
|
- identifiers:
|
||||||
{
|
pk: 59a576ce-2f23-4a63-b63a-d18dc7e550f5
|
||||||
"identifiers": {
|
slug: default-unenrollment-flow
|
||||||
"pk": "59a576ce-2f23-4a63-b63a-d18dc7e550f5",
|
model: authentik_flows.flow
|
||||||
"slug": "default-unenrollment-flow"
|
attrs:
|
||||||
},
|
name: Default unenrollment flow
|
||||||
"model": "authentik_flows.flow",
|
title: Delete your account
|
||||||
"attrs": {
|
designation: unenrollment
|
||||||
"name": "Default unenrollment flow",
|
- identifiers:
|
||||||
"title": "Delete your account",
|
pk: c62ac2a4-2735-4a0f-abd0-8523d68c1209
|
||||||
"designation": "unenrollment"
|
name: default-unenrollment-user-delete
|
||||||
}
|
model: authentik_stages_user_delete.userdeletestage
|
||||||
},
|
attrs: {}
|
||||||
{
|
- identifiers:
|
||||||
"identifiers": {
|
pk: eb9aff2b-b95d-40b3-ad08-233aa77bbcf3
|
||||||
"pk": "c62ac2a4-2735-4a0f-abd0-8523d68c1209",
|
target: 59a576ce-2f23-4a63-b63a-d18dc7e550f5
|
||||||
"name": "default-unenrollment-user-delete"
|
stage: c62ac2a4-2735-4a0f-abd0-8523d68c1209
|
||||||
},
|
order: 10
|
||||||
"model": "authentik_stages_user_delete.userdeletestage",
|
model: authentik_flows.flowstagebinding
|
||||||
"attrs": {}
|
attrs:
|
||||||
},
|
re_evaluate_policies: false
|
||||||
{
|
|
||||||
"identifiers": {
|
|
||||||
"pk": "eb9aff2b-b95d-40b3-ad08-233aa77bbcf3",
|
|
||||||
"target": "59a576ce-2f23-4a63-b63a-d18dc7e550f5",
|
|
||||||
"stage": "c62ac2a4-2735-4a0f-abd0-8523d68c1209",
|
|
||||||
"order": 10
|
|
||||||
},
|
|
||||||
"model": "authentik_flows.flowstagebinding",
|
|
||||||
"attrs": {
|
|
||||||
"re_evaluate_policies": false
|
|
||||||
}
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
||||||
|
|
Reference in New Issue