trustchain-oc1-orchestral
/
authentik
Archived
10
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

providers/*: simplify provider API

This commit is contained in:
Jens Langhammer 2021-02-06 17:31:29 +01:00
parent a6ac82c492
commit 91d6a3c8c7
5 changed files with 174 additions and 106 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
authentik/core/api/providers.py
View File

@ -1,4 +1,5 @@
"""Provider API Views""" """Provider API Views"""
from rest_framework.fields import ReadOnlyField
from rest_framework.serializers import ModelSerializer, SerializerMethodField from rest_framework.serializers import ModelSerializer, SerializerMethodField
from rest_framework.viewsets import ModelViewSet from rest_framework.viewsets import ModelViewSet
@ -9,18 +10,15 @@ from authentik.core.models import Provider
class ProviderSerializer(ModelSerializer, MetaNameSerializer): class ProviderSerializer(ModelSerializer, MetaNameSerializer):
"""Provider Serializer""" """Provider Serializer"""
assigned_application_slug = ReadOnlyField(source="application.slug")
assigned_application_name = ReadOnlyField(source="application.name")
object_type = SerializerMethodField() object_type = SerializerMethodField()
def get_object_type(self, obj): def get_object_type(self, obj):
"""Get object type so that we know which API Endpoint to use to get the full object""" """Get object type so that we know which API Endpoint to use to get the full object"""
return obj._meta.object_name.lower().replace("provider", "") return obj._meta.object_name.lower().replace("provider", "")
def to_representation(self, instance: Provider):
# pyright: reportGeneralTypeIssues=false
if instance.__class__ == Provider:
return super().to_representation(instance)
return instance.serializer(instance=instance).data
class Meta: class Meta:
model = Provider model = Provider
@ -31,6 +29,8 @@ class ProviderSerializer(ModelSerializer, MetaNameSerializer):
"authorization_flow", "authorization_flow",
"property_mappings", "property_mappings",
"object_type", "object_type",
"assigned_application_slug",
"assigned_application_name",
"verbose_name", "verbose_name",
"verbose_name_plural", "verbose_name_plural",
] ]

15
authentik/providers/oauth2/api.py
View File

@ -1,24 +1,19 @@
"""OAuth2Provider API Views""" """OAuth2Provider API Views"""
from rest_framework.fields import ReadOnlyField
from rest_framework.serializers import ModelSerializer from rest_framework.serializers import ModelSerializer
from rest_framework.viewsets import ModelViewSet from rest_framework.viewsets import ModelViewSet
from authentik.core.api.providers import ProviderSerializer
from authentik.core.api.utils import MetaNameSerializer from authentik.core.api.utils import MetaNameSerializer
from authentik.providers.oauth2.models import OAuth2Provider, ScopeMapping from authentik.providers.oauth2.models import OAuth2Provider, ScopeMapping
class OAuth2ProviderSerializer(ModelSerializer, MetaNameSerializer): class OAuth2ProviderSerializer(ProviderSerializer):
"""OAuth2Provider Serializer""" """OAuth2Provider Serializer"""
assigned_application_slug = ReadOnlyField(source="application.slug")
assigned_application_name = ReadOnlyField(source="application.name")
class Meta: class Meta:
model = OAuth2Provider model = OAuth2Provider
fields = [ fields = ProviderSerializer.Meta.fields + [
"pk",
"name",
"authorization_flow", "authorization_flow",
"client_type", "client_type",
"client_id", "client_id",
@ -31,10 +26,6 @@ class OAuth2ProviderSerializer(ModelSerializer, MetaNameSerializer):
"sub_mode", "sub_mode",
"property_mappings", "property_mappings",
"issuer_mode", "issuer_mode",
"assigned_application_slug",
"assigned_application_name",
"verbose_name",
"verbose_name_plural",
] ]

22
authentik/providers/proxy/api.py
View File

@ -1,17 +1,12 @@
"""ProxyProvider API Views""" """ProxyProvider API Views"""
from drf_yasg2.utils import swagger_serializer_method from drf_yasg2.utils import swagger_serializer_method
from rest_framework.fields import ( from rest_framework.fields import CharField, ListField, SerializerMethodField
CharField,
ListField,
ReadOnlyField,
SerializerMethodField,
)
from rest_framework.request import Request from rest_framework.request import Request
from rest_framework.response import Response from rest_framework.response import Response
from rest_framework.serializers import ModelSerializer, Serializer from rest_framework.serializers import ModelSerializer, Serializer
from rest_framework.viewsets import ModelViewSet from rest_framework.viewsets import ModelViewSet
from authentik.core.api.utils import MetaNameSerializer from authentik.core.api.providers import ProviderSerializer
from authentik.providers.oauth2.views.provider import ProviderInfoView from authentik.providers.oauth2.views.provider import ProviderInfoView
from authentik.providers.proxy.models import ProxyProvider from authentik.providers.proxy.models import ProxyProvider
@ -39,12 +34,9 @@ class OpenIDConnectConfigurationSerializer(Serializer):
raise NotImplementedError raise NotImplementedError
class ProxyProviderSerializer(MetaNameSerializer, ModelSerializer): class ProxyProviderSerializer(ProviderSerializer):
"""ProxyProvider Serializer""" """ProxyProvider Serializer"""
assigned_application_slug = ReadOnlyField(source="application.slug")
assigned_application_name = ReadOnlyField(source="application.name")
def create(self, validated_data): def create(self, validated_data):
instance: ProxyProvider = super().create(validated_data) instance: ProxyProvider = super().create(validated_data)
instance.set_oauth_defaults() instance.set_oauth_defaults()
@ -58,9 +50,7 @@ class ProxyProviderSerializer(MetaNameSerializer, ModelSerializer):
class Meta: class Meta:
model = ProxyProvider model = ProxyProvider
fields = [ fields = ProviderSerializer.Meta.fields + [
"pk",
"name",
"internal_host", "internal_host",
"external_host", "external_host",
"internal_host_ssl_validation", "internal_host_ssl_validation",
@ -69,10 +59,6 @@ class ProxyProviderSerializer(MetaNameSerializer, ModelSerializer):
"basic_auth_enabled", "basic_auth_enabled",
"basic_auth_password_attribute", "basic_auth_password_attribute",
"basic_auth_user_attribute", "basic_auth_user_attribute",
"assigned_application_slug",
"assigned_application_name",
"verbose_name",
"verbose_name_plural",
] ]

41
authentik/providers/saml/api.py
View File

@ -1,24 +1,26 @@
"""SAMLProvider API Views""" """SAMLProvider API Views"""
from drf_yasg2.utils import swagger_auto_schema
from rest_framework.fields import ReadOnlyField from rest_framework.fields import ReadOnlyField
from rest_framework.serializers import ModelSerializer from authentik.providers.saml.views import DescriptorDownloadView
from rest_framework.generics import get_object_or_404
from rest_framework.serializers import ModelSerializer, Serializer
from rest_framework.viewsets import ModelViewSet from rest_framework.viewsets import ModelViewSet
from rest_framework.decorators import action
from rest_framework.request import Request
from rest_framework.response import Response
from guardian.shortcuts import get_objects_for_user
from authentik.core.api.providers import ProviderSerializer
from authentik.core.api.utils import MetaNameSerializer from authentik.core.api.utils import MetaNameSerializer
from authentik.providers.saml.models import SAMLPropertyMapping, SAMLProvider from authentik.providers.saml.models import SAMLPropertyMapping, SAMLProvider
class SAMLProviderSerializer(ModelSerializer, MetaNameSerializer): class SAMLProviderSerializer(ProviderSerializer):
"""SAMLProvider Serializer""" """SAMLProvider Serializer"""
assigned_application_slug = ReadOnlyField(source="application.slug")
assigned_application_name = ReadOnlyField(source="application.name")
class Meta: class Meta:
model = SAMLProvider model = SAMLProvider
fields = [ fields = ProviderSerializer.Meta.fields + [
"pk",
"name",
"acs_url", "acs_url",
"audience", "audience",
"issuer", "issuer",
@ -31,19 +33,32 @@ class SAMLProviderSerializer(ModelSerializer, MetaNameSerializer):
"signature_algorithm", "signature_algorithm",
"signing_kp", "signing_kp",
"verification_kp", "verification_kp",
"assigned_application_slug",
"assigned_application_name",
"verbose_name",
"verbose_name_plural",
] ]
class SAMLMetadataSerializer(Serializer):
"""SAML Provider Metadata serializer"""
metadata = ReadOnlyField()
class SAMLProviderViewSet(ModelViewSet): class SAMLProviderViewSet(ModelViewSet):
"""SAMLProvider Viewset""" """SAMLProvider Viewset"""
queryset = SAMLProvider.objects.all() queryset = SAMLProvider.objects.all()
serializer_class = SAMLProviderSerializer serializer_class = SAMLProviderSerializer
@action(methods=["GET"], detail=True)
@swagger_auto_schema(responses={200: SAMLMetadataSerializer(many=False)})
# pylint: disable=invalid-name
def metadata(self, request: Request, pk: int) -> str:
"""Return metadata as XML string"""
provider = get_object_or_404(SAMLProvider, pk=pk)
metadata = DescriptorDownloadView.get_metadata(request, provider)
return Response({
"metadata": metadata
})
class SAMLPropertyMappingSerializer(ModelSerializer, MetaNameSerializer): class SAMLPropertyMappingSerializer(ModelSerializer, MetaNameSerializer):
"""SAMLPropertyMapping Serializer""" """SAMLPropertyMapping Serializer"""

190
swagger.yaml
View File

@ -4557,6 +4557,24 @@ paths:
description: A unique integer value identifying this SAML Provider. description: A unique integer value identifying this SAML Provider.
required: true required: true
type: integer type: integer
/providers/saml/{id}/metadata/:
get:
operationId: providers_saml_metadata
description: Return metadata as XML string
parameters: []
responses:
'200':
description: SAML Provider Metadata serializer
schema:
$ref: '#/definitions/SAMLMetadata'
tags:
- providers
parameters:
- name: id
in: path
description: A unique integer value identifying this SAML Provider.
required: true
type: integer
/root/config/: /root/config/:
get: get:
operationId: root_config_list operationId: root_config_list
@ -7364,6 +7382,14 @@ definitions:
title: Object type title: Object type
type: string type: string
readOnly: true readOnly: true
assigned_application_slug:
title: Assigned application slug
type: string
readOnly: true
assigned_application_name:
title: Assigned application name
type: string
readOnly: true
verbose_name: verbose_name:
title: Verbose name title: Verbose name
type: string type: string
@ -8671,6 +8697,7 @@ definitions:
description: OAuth2Provider Serializer description: OAuth2Provider Serializer
required: required:
- name - name
- application
- authorization_flow - authorization_flow
type: object type: object
properties: properties:
@ -8682,11 +8709,40 @@ definitions:
title: Name title: Name
type: string type: string
minLength: 1 minLength: 1
application:
title: Application
type: string
authorization_flow: authorization_flow:
title: Authorization flow title: Authorization flow
description: Flow used when authorizing this provider. description: Flow used when authorizing this provider.
type: string type: string
format: uuid format: uuid
property_mappings:
type: array
items:
type: string
format: uuid
uniqueItems: true
object_type:
title: Object type
type: string
readOnly: true
assigned_application_slug:
title: Assigned application slug
type: string
readOnly: true
assigned_application_name:
title: Assigned application name
type: string
readOnly: true
verbose_name:
title: Verbose name
type: string
readOnly: true
verbose_name_plural:
title: Verbose name plural
type: string
readOnly: true
client_type: client_type:
title: Client Type title: Client Type
description: |- description: |-
@ -8745,12 +8801,6 @@ definitions:
- user_username - user_username
- user_email - user_email
- user_upn - user_upn
property_mappings:
type: array
items:
type: string
format: uuid
uniqueItems: true
issuer_mode: issuer_mode:
title: Issuer mode title: Issuer mode
description: Configure how the issuer field of the ID Token should be filled. description: Configure how the issuer field of the ID Token should be filled.
@ -8758,6 +8808,42 @@ definitions:
enum: enum:
- global - global
- per_provider - per_provider
ProxyProvider:
description: ProxyProvider Serializer
required:
- name
- application
- authorization_flow
- internal_host
- external_host
type: object
properties:
pk:
title: ID
type: integer
readOnly: true
name:
title: Name
type: string
minLength: 1
application:
title: Application
type: string
authorization_flow:
title: Authorization flow
description: Flow used when authorizing this provider.
type: string
format: uuid
property_mappings:
type: array
items:
type: string
format: uuid
uniqueItems: true
object_type:
title: Object type
type: string
readOnly: true
assigned_application_slug: assigned_application_slug:
title: Assigned application slug title: Assigned application slug
type: string type: string
@ -8774,22 +8860,6 @@ definitions:
title: Verbose name plural title: Verbose name plural
type: string type: string
readOnly: true readOnly: true
ProxyProvider:
description: ProxyProvider Serializer
required:
- name
- internal_host
- external_host
type: object
properties:
pk:
title: ID
type: integer
readOnly: true
name:
title: Name
type: string
minLength: 1
internal_host: internal_host:
title: Internal host title: Internal host
type: string type: string
@ -8827,6 +8897,41 @@ definitions:
description: User/Group Attribute used for the user part of the HTTP-Basic description: User/Group Attribute used for the user part of the HTTP-Basic
Header. If not set, the user's Email address is used. Header. If not set, the user's Email address is used.
type: string type: string
SAMLProvider:
description: SAMLProvider Serializer
required:
- name
- application
- authorization_flow
- acs_url
type: object
properties:
pk:
title: ID
type: integer
readOnly: true
name:
title: Name
type: string
minLength: 1
application:
title: Application
type: string
authorization_flow:
title: Authorization flow
description: Flow used when authorizing this provider.
type: string
format: uuid
property_mappings:
type: array
items:
type: string
format: uuid
uniqueItems: true
object_type:
title: Object type
type: string
readOnly: true
assigned_application_slug: assigned_application_slug:
title: Assigned application slug title: Assigned application slug
type: string type: string
@ -8843,21 +8948,6 @@ definitions:
title: Verbose name plural title: Verbose name plural
type: string type: string
readOnly: true readOnly: true
SAMLProvider:
description: SAMLProvider Serializer
required:
- name
- acs_url
type: object
properties:
pk:
title: ID
type: integer
readOnly: true
name:
title: Name
type: string
minLength: 1
acs_url: acs_url:
title: ACS URL title: ACS URL
type: string type: string
@ -8892,12 +8982,6 @@ definitions:
hours=1;minutes=2;seconds=3).' hours=1;minutes=2;seconds=3).'
type: string type: string
minLength: 1 minLength: 1
property_mappings:
type: array
items:
type: string
format: uuid
uniqueItems: true
name_id_mapping: name_id_mapping:
title: NameID Property Mapping title: NameID Property Mapping
description: Configure how the NameID value will be created. When left empty, description: Configure how the NameID value will be created. When left empty,
@ -8935,20 +9019,12 @@ definitions:
type: string type: string
format: uuid format: uuid
x-nullable: true x-nullable: true
assigned_application_slug: SAMLMetadata:
title: Assigned application slug description: SAML Provider Metadata serializer
type: string type: object
readOnly: true properties:
assigned_application_name: metadata:
title: Assigned application name title: Metadata
type: string
readOnly: true
verbose_name:
title: Verbose name
type: string
readOnly: true
verbose_name_plural:
title: Verbose name plural
type: string type: string
readOnly: true readOnly: true
Config: Config: