admin: remove provider views
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
parent
5eb9b95ab5
commit
b4a6f8350b
|
@ -1,7 +1,7 @@
|
||||||
"""authentik URL Configuration"""
|
"""authentik URL Configuration"""
|
||||||
from django.urls import path
|
from django.urls import path
|
||||||
|
|
||||||
from authentik.admin.views import policies, providers, sources, stages
|
from authentik.admin.views import policies, sources, stages
|
||||||
|
|
||||||
urlpatterns = [
|
urlpatterns = [
|
||||||
# Sources
|
# Sources
|
||||||
|
@ -18,17 +18,6 @@ urlpatterns = [
|
||||||
policies.PolicyUpdateView.as_view(),
|
policies.PolicyUpdateView.as_view(),
|
||||||
name="policy-update",
|
name="policy-update",
|
||||||
),
|
),
|
||||||
# Providers
|
|
||||||
path(
|
|
||||||
"providers/create/",
|
|
||||||
providers.ProviderCreateView.as_view(),
|
|
||||||
name="provider-create",
|
|
||||||
),
|
|
||||||
path(
|
|
||||||
"providers/<int:pk>/update/",
|
|
||||||
providers.ProviderUpdateView.as_view(),
|
|
||||||
name="provider-update",
|
|
||||||
),
|
|
||||||
# Stages
|
# Stages
|
||||||
path("stages/create/", stages.StageCreateView.as_view(), name="stage-create"),
|
path("stages/create/", stages.StageCreateView.as_view(), name="stage-create"),
|
||||||
path(
|
path(
|
||||||
|
|
|
@ -1,41 +0,0 @@
|
||||||
"""authentik Provider administration"""
|
|
||||||
from django.contrib.auth.mixins import LoginRequiredMixin
|
|
||||||
from django.contrib.auth.mixins import (
|
|
||||||
PermissionRequiredMixin as DjangoPermissionRequiredMixin,
|
|
||||||
)
|
|
||||||
from django.contrib.messages.views import SuccessMessageMixin
|
|
||||||
from django.utils.translation import gettext as _
|
|
||||||
from guardian.mixins import PermissionRequiredMixin
|
|
||||||
|
|
||||||
from authentik.admin.views.utils import InheritanceCreateView, InheritanceUpdateView
|
|
||||||
from authentik.core.models import Provider
|
|
||||||
|
|
||||||
|
|
||||||
class ProviderCreateView(
|
|
||||||
SuccessMessageMixin,
|
|
||||||
LoginRequiredMixin,
|
|
||||||
DjangoPermissionRequiredMixin,
|
|
||||||
InheritanceCreateView,
|
|
||||||
):
|
|
||||||
"""Create new Provider"""
|
|
||||||
|
|
||||||
model = Provider
|
|
||||||
permission_required = "authentik_core.add_provider"
|
|
||||||
success_url = "/"
|
|
||||||
template_name = "generic/create.html"
|
|
||||||
success_message = _("Successfully created Provider")
|
|
||||||
|
|
||||||
|
|
||||||
class ProviderUpdateView(
|
|
||||||
SuccessMessageMixin,
|
|
||||||
LoginRequiredMixin,
|
|
||||||
PermissionRequiredMixin,
|
|
||||||
InheritanceUpdateView,
|
|
||||||
):
|
|
||||||
"""Update provider"""
|
|
||||||
|
|
||||||
model = Provider
|
|
||||||
permission_required = "authentik_core.change_provider"
|
|
||||||
success_url = "/"
|
|
||||||
template_name = "generic/update.html"
|
|
||||||
success_message = _("Successfully updated Provider")
|
|
|
@ -1,5 +1,4 @@
|
||||||
"""Provider API Views"""
|
"""Provider API Views"""
|
||||||
from django.urls import reverse
|
|
||||||
from django.utils.translation import gettext_lazy as _
|
from django.utils.translation import gettext_lazy as _
|
||||||
from drf_yasg.utils import swagger_auto_schema
|
from drf_yasg.utils import swagger_auto_schema
|
||||||
from rest_framework import mixins
|
from rest_framework import mixins
|
||||||
|
@ -34,7 +33,6 @@ class ProviderSerializer(ModelSerializer, MetaNameSerializer):
|
||||||
fields = [
|
fields = [
|
||||||
"pk",
|
"pk",
|
||||||
"name",
|
"name",
|
||||||
"application",
|
|
||||||
"authorization_flow",
|
"authorization_flow",
|
||||||
"property_mappings",
|
"property_mappings",
|
||||||
"object_type",
|
"object_type",
|
||||||
|
@ -76,15 +74,14 @@ class ProviderViewSet(
|
||||||
{
|
{
|
||||||
"name": verbose_name(subclass),
|
"name": verbose_name(subclass),
|
||||||
"description": subclass.__doc__,
|
"description": subclass.__doc__,
|
||||||
"link": reverse("authentik_admin:provider-create")
|
"link": subclass().component,
|
||||||
+ f"?type={subclass.__name__}",
|
|
||||||
}
|
}
|
||||||
)
|
)
|
||||||
data.append(
|
data.append(
|
||||||
{
|
{
|
||||||
"name": _("SAML Provider from Metadata"),
|
"name": _("SAML Provider from Metadata"),
|
||||||
"description": _("Create a SAML Provider by importing its Metadata."),
|
"description": _("Create a SAML Provider by importing its Metadata."),
|
||||||
"link": reverse("authentik_admin:provider-saml-from-metadata"),
|
"link": "ak-provider-saml-import-form",
|
||||||
}
|
}
|
||||||
)
|
)
|
||||||
return Response(TypeCreateSerializer(data, many=True).data)
|
return Response(TypeCreateSerializer(data, many=True).data)
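Review bot: Nothing in these hunks shows which permissions `ProviderViewSet` enforces, and after this commit it appears to be the only server-side path for creating and editing providers, since the `link` values here now name frontend components instead of admin URLs. The admin views deleted in this commit required a logged-in user with `authentik_core.add_provider` for create, and `authentik_core.change_provider` through guardian's `PermissionRequiredMixin` for update. Please confirm the viewset applies equivalent model-level and object-level checks, and consider a test asserting that an authenticated user without those permissions is refused on create and update. The class body starts and continues outside the hunk.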
|
||||||
|
|
|
@ -188,8 +188,8 @@ class Provider(SerializerModel):
|
||||||
return None
|
return None
|
||||||
|
|
||||||
@property
|
@property
|
||||||
def form(self) -> Type[ModelForm]:
|
def component(self) -> str:
|
||||||
"""Return Form class used to edit this object"""
|
"""Return component used to edit this object"""
|
||||||
raise NotImplementedError
|
raise NotImplementedError
|
||||||
|
|
||||||
@property
|
@property
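Review bot: The base `Provider.component` raises `NotImplementedError`, and the type listing changed in this commit evaluates `subclass().component` for every provider subclass, so one subclass still exposing only `form` would make the whole listing fail with a server error. Only the `OAuth2Provider` and `ProxyProvider` overrides are visible on this page; the remaining provider models should be checked, ideally with a test that iterates over the subclasses and asserts `component` returns a non-empty string. The docstring could also say what kind of value is returned, which from the overrides appears to be a frontend element name: `"""Return the name of the frontend component used to edit this object"""`. The `Provider` class body continues outside the hunk.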
|
||||||
|
|
|
@ -1,75 +0,0 @@
|
||||||
"""authentik OAuth2 Provider Forms"""
|
|
||||||
|
|
||||||
from django import forms
|
|
||||||
from django.core.exceptions import ValidationError
|
|
||||||
from django.utils.translation import gettext as _
|
|
||||||
|
|
||||||
from authentik.crypto.models import CertificateKeyPair
|
|
||||||
from authentik.flows.models import Flow, FlowDesignation
|
|
||||||
from authentik.providers.oauth2.generators import (
|
|
||||||
generate_client_id,
|
|
||||||
generate_client_secret,
|
|
||||||
)
|
|
||||||
from authentik.providers.oauth2.models import (
|
|
||||||
JWTAlgorithms,
|
|
||||||
OAuth2Provider,
|
|
||||||
ScopeMapping,
|
|
||||||
)
|
|
||||||
|
|
||||||
|
|
||||||
class OAuth2ProviderForm(forms.ModelForm):
|
|
||||||
"""OAuth2 Provider form"""
|
|
||||||
|
|
||||||
def __init__(self, *args, **kwargs):
|
|
||||||
super().__init__(*args, **kwargs)
|
|
||||||
self.fields["authorization_flow"].queryset = Flow.objects.filter(
|
|
||||||
designation=FlowDesignation.AUTHORIZATION
|
|
||||||
)
|
|
||||||
self.fields["client_id"].initial = generate_client_id()
|
|
||||||
self.fields["client_secret"].initial = generate_client_secret()
|
|
||||||
self.fields["rsa_key"].queryset = CertificateKeyPair.objects.exclude(
|
|
||||||
key_data__exact=""
|
|
||||||
)
|
|
||||||
self.fields["property_mappings"].queryset = ScopeMapping.objects.all()
|
|
||||||
|
|
||||||
def clean_jwt_alg(self):
|
|
||||||
"""Ensure that when RS256 is selected, a certificate-key-pair is selected"""
|
|
||||||
if (
|
|
||||||
self.data["rsa_key"] == ""
|
|
||||||
and self.cleaned_data["jwt_alg"] == JWTAlgorithms.RS256
|
|
||||||
):
|
|
||||||
raise ValidationError(
|
|
||||||
_("RS256 requires a Certificate-Key-Pair to be selected.")
|
|
||||||
)
|
|
||||||
return self.cleaned_data["jwt_alg"]
|
|
||||||
|
|
||||||
class Meta:
|
|
||||||
model = OAuth2Provider
|
|
||||||
fields = [
|
|
||||||
"name",
|
|
||||||
"authorization_flow",
|
|
||||||
"client_type",
|
|
||||||
"client_id",
|
|
||||||
"client_secret",
|
|
||||||
"token_validity",
|
|
||||||
"jwt_alg",
|
|
||||||
"property_mappings",
|
|
||||||
"rsa_key",
|
|
||||||
"redirect_uris",
|
|
||||||
"sub_mode",
|
|
||||||
"include_claims_in_id_token",
|
|
||||||
"issuer_mode",
|
|
||||||
]
|
|
||||||
widgets = {
|
|
||||||
"name": forms.TextInput(),
|
|
||||||
"token_validity": forms.TextInput(),
|
|
||||||
}
|
|
||||||
labels = {"property_mappings": _("Scopes")}
|
|
||||||
help_texts = {
|
|
||||||
"property_mappings": _(
|
|
||||||
(
|
|
||||||
"Select which scopes <b>can</b> be used by the client. "
|
|
||||||
"The client stil has to specify the scope to access the data."
|
|
||||||
)
|
|
||||||
)
|
|
||||||
}
|
|
|
@ -13,7 +13,6 @@ from uuid import uuid4
|
||||||
from dacite import from_dict
|
from dacite import from_dict
|
||||||
from django.conf import settings
|
from django.conf import settings
|
||||||
from django.db import models
|
from django.db import models
|
||||||
from django.forms import ModelForm
|
|
||||||
from django.http import HttpRequest
|
from django.http import HttpRequest
|
||||||
from django.utils import dateformat, timezone
|
from django.utils import dateformat, timezone
|
||||||
from django.utils.translation import gettext_lazy as _
|
from django.utils.translation import gettext_lazy as _
|
||||||
|
@ -283,18 +282,16 @@ class OAuth2Provider(Provider):
|
||||||
launch_url = urlparse(main_url)
|
launch_url = urlparse(main_url)
|
||||||
return main_url.replace(launch_url.path, "")
|
return main_url.replace(launch_url.path, "")
|
||||||
|
|
||||||
|
@property
|
||||||
|
def component(self) -> str:
|
||||||
|
return "ak-provider-oauth2-form"
|
||||||
|
|
||||||
@property
|
@property
|
||||||
def serializer(self) -> Type[Serializer]:
|
def serializer(self) -> Type[Serializer]:
|
||||||
from authentik.providers.oauth2.api.provider import OAuth2ProviderSerializer
|
from authentik.providers.oauth2.api.provider import OAuth2ProviderSerializer
|
||||||
|
|
||||||
return OAuth2ProviderSerializer
|
return OAuth2ProviderSerializer
|
||||||
|
|
||||||
@property
|
|
||||||
def form(self) -> Type[ModelForm]:
|
|
||||||
from authentik.providers.oauth2.forms import OAuth2ProviderForm
|
|
||||||
|
|
||||||
return OAuth2ProviderForm
|
|
||||||
|
|
||||||
def __str__(self):
|
def __str__(self):
|
||||||
return f"OAuth2 Provider {self.name}"
|
return f"OAuth2 Provider {self.name}"
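Review bot: Removing the `form` property here drops the reference to `OAuth2ProviderForm`, and that form carried server-side checks whose replacement is not visible on this page. Its `clean_jwt_alg` rejected RS256 when no key pair was selected, and its `__init__` limited `authorization_flow` to flows with `FlowDesignation.AUTHORIZATION` and `rsa_key` to key pairs with non-empty `key_data`. `OAuth2ProviderSerializer` is defined outside this diff; please confirm it enforces the same rules, for example in a `validate` method that raises `ValidationError` when RS256 is chosen without `rsa_key`, because a check that exists only in the frontend form does not apply to direct API calls. The class body starts and continues outside the hunk.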
|
||||||
|
|
||||||
|
|
|
@ -1,50 +0,0 @@
|
||||||
"""authentik Proxy Provider Forms"""
|
|
||||||
from django import forms
|
|
||||||
|
|
||||||
from authentik.crypto.models import CertificateKeyPair
|
|
||||||
from authentik.flows.models import Flow, FlowDesignation
|
|
||||||
from authentik.providers.proxy.models import ProxyProvider
|
|
||||||
|
|
||||||
|
|
||||||
class ProxyProviderForm(forms.ModelForm):
|
|
||||||
"""Proxy Provider form"""
|
|
||||||
|
|
||||||
instance: ProxyProvider
|
|
||||||
|
|
||||||
def __init__(self, *args, **kwargs):
|
|
||||||
super().__init__(*args, **kwargs)
|
|
||||||
self.fields["authorization_flow"].queryset = Flow.objects.filter(
|
|
||||||
designation=FlowDesignation.AUTHORIZATION
|
|
||||||
)
|
|
||||||
self.fields["certificate"].queryset = CertificateKeyPair.objects.filter(
|
|
||||||
key_data__isnull=False
|
|
||||||
).exclude(key_data="")
|
|
||||||
|
|
||||||
def save(self, *args, **kwargs):
|
|
||||||
actual_save = super().save(*args, **kwargs)
|
|
||||||
self.instance.set_oauth_defaults()
|
|
||||||
self.instance.save()
|
|
||||||
return actual_save
|
|
||||||
|
|
||||||
class Meta:
|
|
||||||
|
|
||||||
model = ProxyProvider
|
|
||||||
fields = [
|
|
||||||
"name",
|
|
||||||
"authorization_flow",
|
|
||||||
"internal_host",
|
|
||||||
"internal_host_ssl_validation",
|
|
||||||
"external_host",
|
|
||||||
"certificate",
|
|
||||||
"skip_path_regex",
|
|
||||||
"basic_auth_enabled",
|
|
||||||
"basic_auth_user_attribute",
|
|
||||||
"basic_auth_password_attribute",
|
|
||||||
]
|
|
||||||
widgets = {
|
|
||||||
"name": forms.TextInput(),
|
|
||||||
"internal_host": forms.TextInput(),
|
|
||||||
"external_host": forms.TextInput(),
|
|
||||||
"basic_auth_user_attribute": forms.TextInput(),
|
|
||||||
"basic_auth_password_attribute": forms.TextInput(),
|
|
||||||
}
|
|
|
@ -5,7 +5,6 @@ from typing import Iterable, Optional, Type
|
||||||
from urllib.parse import urljoin
|
from urllib.parse import urljoin
|
||||||
|
|
||||||
from django.db import models
|
from django.db import models
|
||||||
from django.forms import ModelForm
|
|
||||||
from django.utils.translation import gettext as _
|
from django.utils.translation import gettext as _
|
||||||
from rest_framework.serializers import Serializer
|
from rest_framework.serializers import Serializer
|
||||||
|
|
||||||
|
@ -102,10 +101,8 @@ class ProxyProvider(OutpostModel, OAuth2Provider):
|
||||||
cookie_secret = models.TextField(default=get_cookie_secret)
|
cookie_secret = models.TextField(default=get_cookie_secret)
|
||||||
|
|
||||||
@property
|
@property
|
||||||
def form(self) -> Type[ModelForm]:
|
def component(self) -> str:
|
||||||
from authentik.providers.proxy.forms import ProxyProviderForm
|
return "ak-provider-proxy-form"
|
||||||
|
|
||||||
return ProxyProviderForm
|
|
||||||
|
|
||||||
@property
|
@property
|
||||||
def serializer(self) -> Type[Serializer]:
|
def serializer(self) -> Type[Serializer]:
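Review bot: The deleted `ProxyProviderForm.save()` called `self.instance.set_oauth_defaults()` and saved the instance again after every create or update, and nothing on this page shows the API path doing the same now that `form` is replaced by `component`. If the proxy serializer or viewset (both outside this diff) does not call it, providers written through the API would presumably keep request-supplied or model-default OAuth2 settings instead of the values `set_oauth_defaults()` assigns. Please confirm the serializer's `create` and `update` invoke it. The form also restricted `certificate` to key pairs with non-empty `key_data`, which would need an equivalent queryset on the serializer field. `ProxyProvider` continues outside the hunk.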
|
||||||
|
|