trustchain-oc1-orchestral
/
authentik
Archived
10
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

admin: remove provider views 

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer 2021-04-01 19:28:30 +02:00
parent 5eb9b95ab5
commit b4a6f8350b
8 changed files with 11 additions and 197 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
authentik/admin/urls.py
View File

@ -1,7 +1,7 @@
"""authentik URL Configuration""" """authentik URL Configuration"""
from django.urls import path from django.urls import path
from authentik.admin.views import policies, providers, sources, stages from authentik.admin.views import policies, sources, stages
urlpatterns = [ urlpatterns = [
# Sources # Sources
@ -18,17 +18,6 @@ urlpatterns = [
policies.PolicyUpdateView.as_view(), policies.PolicyUpdateView.as_view(),
name="policy-update", name="policy-update",
), ),
# Providers
path(
"providers/create/",
providers.ProviderCreateView.as_view(),
name="provider-create",
),
path(
"providers/<int:pk>/update/",
providers.ProviderUpdateView.as_view(),
name="provider-update",
),
# Stages # Stages
path("stages/create/", stages.StageCreateView.as_view(), name="stage-create"), path("stages/create/", stages.StageCreateView.as_view(), name="stage-create"),
path( path(

41
authentik/admin/views/providers.py
View File

@ -1,41 +0,0 @@
"""authentik Provider administration"""
from django.contrib.auth.mixins import LoginRequiredMixin
from django.contrib.auth.mixins import (
PermissionRequiredMixin as DjangoPermissionRequiredMixin,
)
from django.contrib.messages.views import SuccessMessageMixin
from django.utils.translation import gettext as _
from guardian.mixins import PermissionRequiredMixin
from authentik.admin.views.utils import InheritanceCreateView, InheritanceUpdateView
from authentik.core.models import Provider
class ProviderCreateView(
SuccessMessageMixin,
LoginRequiredMixin,
DjangoPermissionRequiredMixin,
InheritanceCreateView,
):
"""Create new Provider"""
model = Provider
permission_required = "authentik_core.add_provider"
success_url = "/"
template_name = "generic/create.html"
success_message = _("Successfully created Provider")
class ProviderUpdateView(
SuccessMessageMixin,
LoginRequiredMixin,
PermissionRequiredMixin,
InheritanceUpdateView,
):
"""Update provider"""
model = Provider
permission_required = "authentik_core.change_provider"
success_url = "/"
template_name = "generic/update.html"
success_message = _("Successfully updated Provider")

7
authentik/core/api/providers.py
View File

@ -1,5 +1,4 @@
"""Provider API Views""" """Provider API Views"""
from django.urls import reverse
from django.utils.translation import gettext_lazy as _ from django.utils.translation import gettext_lazy as _
from drf_yasg.utils import swagger_auto_schema from drf_yasg.utils import swagger_auto_schema
from rest_framework import mixins from rest_framework import mixins
@ -34,7 +33,6 @@ class ProviderSerializer(ModelSerializer, MetaNameSerializer):
fields = [ fields = [
"pk", "pk",
"name", "name",
"application",
"authorization_flow", "authorization_flow",
"property_mappings", "property_mappings",
"object_type", "object_type",
@ -76,15 +74,14 @@ class ProviderViewSet(
{ {
"name": verbose_name(subclass), "name": verbose_name(subclass),
"description": subclass.__doc__, "description": subclass.__doc__,
"link": reverse("authentik_admin:provider-create") "link": subclass().component,
+ f"?type={subclass.__name__}",
} }
) )
data.append( data.append(
{ {
"name": _("SAML Provider from Metadata"), "name": _("SAML Provider from Metadata"),
"description": _("Create a SAML Provider by importing its Metadata."), "description": _("Create a SAML Provider by importing its Metadata."),
"link": reverse("authentik_admin:provider-saml-from-metadata"), "link": "ak-provider-saml-import-form",
} }
) )
return Response(TypeCreateSerializer(data, many=True).data) return Response(TypeCreateSerializer(data, many=True).data)

4
authentik/core/models.py
View File

@ -188,8 +188,8 @@ class Provider(SerializerModel):
return None return None
@property @property
def form(self) -> Type[ModelForm]: def component(self) -> str:
"""Return Form class used to edit this object""" """Return component used to edit this object"""
raise NotImplementedError raise NotImplementedError
@property @property

75
authentik/providers/oauth2/forms.py
View File

@ -1,75 +0,0 @@
"""authentik OAuth2 Provider Forms"""
from django import forms
from django.core.exceptions import ValidationError
from django.utils.translation import gettext as _
from authentik.crypto.models import CertificateKeyPair
from authentik.flows.models import Flow, FlowDesignation
from authentik.providers.oauth2.generators import (
generate_client_id,
generate_client_secret,
)
from authentik.providers.oauth2.models import (
JWTAlgorithms,
OAuth2Provider,
ScopeMapping,
)
class OAuth2ProviderForm(forms.ModelForm):
"""OAuth2 Provider form"""
def __init__(self, *args, **kwargs):
super().__init__(*args, **kwargs)
self.fields["authorization_flow"].queryset = Flow.objects.filter(
designation=FlowDesignation.AUTHORIZATION
)
self.fields["client_id"].initial = generate_client_id()
self.fields["client_secret"].initial = generate_client_secret()
self.fields["rsa_key"].queryset = CertificateKeyPair.objects.exclude(
key_data__exact=""
)
self.fields["property_mappings"].queryset = ScopeMapping.objects.all()
def clean_jwt_alg(self):
"""Ensure that when RS256 is selected, a certificate-key-pair is selected"""
if (
self.data["rsa_key"] == ""
and self.cleaned_data["jwt_alg"] == JWTAlgorithms.RS256
):
raise ValidationError(
_("RS256 requires a Certificate-Key-Pair to be selected.")
)
return self.cleaned_data["jwt_alg"]
class Meta:
model = OAuth2Provider
fields = [
"name",
"authorization_flow",
"client_type",
"client_id",
"client_secret",
"token_validity",
"jwt_alg",
"property_mappings",
"rsa_key",
"redirect_uris",
"sub_mode",
"include_claims_in_id_token",
"issuer_mode",
]
widgets = {
"name": forms.TextInput(),
"token_validity": forms.TextInput(),
}
labels = {"property_mappings": _("Scopes")}
help_texts = {
"property_mappings": _(
(
"Select which scopes <b>can</b> be used by the client. "
"The client stil has to specify the scope to access the data."
)
)
}

11
authentik/providers/oauth2/models.py
View File

@ -13,7 +13,6 @@ from uuid import uuid4
from dacite import from_dict from dacite import from_dict
from django.conf import settings from django.conf import settings
from django.db import models from django.db import models
from django.forms import ModelForm
from django.http import HttpRequest from django.http import HttpRequest
from django.utils import dateformat, timezone from django.utils import dateformat, timezone
from django.utils.translation import gettext_lazy as _ from django.utils.translation import gettext_lazy as _
@ -283,18 +282,16 @@ class OAuth2Provider(Provider):
launch_url = urlparse(main_url) launch_url = urlparse(main_url)
return main_url.replace(launch_url.path, "") return main_url.replace(launch_url.path, "")
@property
def component(self) -> str:
return "ak-provider-oauth2-form"
@property @property
def serializer(self) -> Type[Serializer]: def serializer(self) -> Type[Serializer]:
from authentik.providers.oauth2.api.provider import OAuth2ProviderSerializer from authentik.providers.oauth2.api.provider import OAuth2ProviderSerializer
return OAuth2ProviderSerializer return OAuth2ProviderSerializer
@property
def form(self) -> Type[ModelForm]:
from authentik.providers.oauth2.forms import OAuth2ProviderForm
return OAuth2ProviderForm
def __str__(self): def __str__(self):
return f"OAuth2 Provider {self.name}" return f"OAuth2 Provider {self.name}"

50
authentik/providers/proxy/forms.py
View File

@ -1,50 +0,0 @@
"""authentik Proxy Provider Forms"""
from django import forms
from authentik.crypto.models import CertificateKeyPair
from authentik.flows.models import Flow, FlowDesignation
from authentik.providers.proxy.models import ProxyProvider
class ProxyProviderForm(forms.ModelForm):
"""Proxy Provider form"""
instance: ProxyProvider
def __init__(self, *args, **kwargs):
super().__init__(*args, **kwargs)
self.fields["authorization_flow"].queryset = Flow.objects.filter(
designation=FlowDesignation.AUTHORIZATION
)
self.fields["certificate"].queryset = CertificateKeyPair.objects.filter(
key_data__isnull=False
).exclude(key_data="")
def save(self, *args, **kwargs):
actual_save = super().save(*args, **kwargs)
self.instance.set_oauth_defaults()
self.instance.save()
return actual_save
class Meta:
model = ProxyProvider
fields = [
"name",
"authorization_flow",
"internal_host",
"internal_host_ssl_validation",
"external_host",
"certificate",
"skip_path_regex",
"basic_auth_enabled",
"basic_auth_user_attribute",
"basic_auth_password_attribute",
]
widgets = {
"name": forms.TextInput(),
"internal_host": forms.TextInput(),
"external_host": forms.TextInput(),
"basic_auth_user_attribute": forms.TextInput(),
"basic_auth_password_attribute": forms.TextInput(),
}

7
authentik/providers/proxy/models.py
View File

@ -5,7 +5,6 @@ from typing import Iterable, Optional, Type
from urllib.parse import urljoin from urllib.parse import urljoin
from django.db import models from django.db import models
from django.forms import ModelForm
from django.utils.translation import gettext as _ from django.utils.translation import gettext as _
from rest_framework.serializers import Serializer from rest_framework.serializers import Serializer
@ -102,10 +101,8 @@ class ProxyProvider(OutpostModel, OAuth2Provider):
cookie_secret = models.TextField(default=get_cookie_secret) cookie_secret = models.TextField(default=get_cookie_secret)
@property @property
def form(self) -> Type[ModelForm]: def component(self) -> str:
from authentik.providers.proxy.forms import ProxyProviderForm return "ak-provider-proxy-form"
return ProxyProviderForm
@property @property
def serializer(self) -> Type[Serializer]: def serializer(self) -> Type[Serializer]: