api: add additional filters for ldap and proxy providers
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
parent
c2b9dc5c75
commit
d92d8e6dbb
2
Makefile
2
Makefile
|
@ -61,7 +61,7 @@ gen-outpost:
|
||||||
-i /local/schema.yml \
|
-i /local/schema.yml \
|
||||||
-g go \
|
-g go \
|
||||||
-o /local/api \
|
-o /local/api \
|
||||||
--additional-properties=packageName=api,enumClassPrefix=true,useOneOfDiscriminatorLookup=true
|
--additional-properties=packageName=api,enumClassPrefix=true,useOneOfDiscriminatorLookup=true,disallowAdditionalPropertiesIfNotPresent=false
|
||||||
rm -f api/go.mod api/go.sum
|
rm -f api/go.mod api/go.sum
|
||||||
|
|
||||||
gen: gen-build gen-clean gen-web gen-outpost
|
gen: gen-build gen-clean gen-web gen-outpost
|
||||||
|
|
|
@ -29,7 +29,19 @@ class LDAPProviderViewSet(UsedByMixin, ModelViewSet):
|
||||||
|
|
||||||
queryset = LDAPProvider.objects.all()
|
queryset = LDAPProvider.objects.all()
|
||||||
serializer_class = LDAPProviderSerializer
|
serializer_class = LDAPProviderSerializer
|
||||||
filterset_fields = "__all__"
|
filterset_fields = {
|
||||||
|
"application": ["isnull"],
|
||||||
|
"name": ["iexact"],
|
||||||
|
"authorization_flow__slug": ["iexact"],
|
||||||
|
"base_dn": ["iexact"],
|
||||||
|
"search_group__group_uuid": ["iexact"],
|
||||||
|
"search_group__name": ["iexact"],
|
||||||
|
"certificate__kp_uuid": ["iexact"],
|
||||||
|
"certificate__name": ["iexact"],
|
||||||
|
"tls_server_name": ["iexact"],
|
||||||
|
"uid_start_number": ["iexact"],
|
||||||
|
"gid_start_number": ["iexact"],
|
||||||
|
}
|
||||||
ordering = ["name"]
|
ordering = ["name"]
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -80,7 +80,24 @@ class ProxyProviderViewSet(UsedByMixin, ModelViewSet):
|
||||||
|
|
||||||
queryset = ProxyProvider.objects.all()
|
queryset = ProxyProvider.objects.all()
|
||||||
serializer_class = ProxyProviderSerializer
|
serializer_class = ProxyProviderSerializer
|
||||||
filterset_fields = "__all__"
|
filterset_fields = {
|
||||||
|
"application": ["isnull"],
|
||||||
|
"name": ["iexact"],
|
||||||
|
"authorization_flow__slug": ["iexact"],
|
||||||
|
"property_mappings": ["iexact"],
|
||||||
|
"internal_host": ["iexact"],
|
||||||
|
"external_host": ["iexact"],
|
||||||
|
"internal_host_ssl_validation": ["iexact"],
|
||||||
|
"certificate__kp_uuid": ["iexact"],
|
||||||
|
"certificate__name": ["iexact"],
|
||||||
|
"skip_path_regex": ["iexact"],
|
||||||
|
"basic_auth_enabled": ["iexact"],
|
||||||
|
"basic_auth_password_attribute": ["iexact"],
|
||||||
|
"basic_auth_user_attribute": ["iexact"],
|
||||||
|
"mode": ["iexact"],
|
||||||
|
"redirect_uris": ["iexact"],
|
||||||
|
"cookie_domain": ["iexact"],
|
||||||
|
}
|
||||||
ordering = ["name"]
|
ordering = ["name"]
|
||||||
|
|
||||||
|
|
||||||
|
|
190
schema.yml
190
schema.yml
|
@ -10004,25 +10004,32 @@ paths:
|
||||||
description: LDAPProvider Viewset
|
description: LDAPProvider Viewset
|
||||||
parameters:
|
parameters:
|
||||||
- in: query
|
- in: query
|
||||||
name: authorization_flow
|
name: application__isnull
|
||||||
|
schema:
|
||||||
|
type: boolean
|
||||||
|
- in: query
|
||||||
|
name: authorization_flow__slug__iexact
|
||||||
|
schema:
|
||||||
|
type: string
|
||||||
|
- in: query
|
||||||
|
name: base_dn__iexact
|
||||||
|
schema:
|
||||||
|
type: string
|
||||||
|
- in: query
|
||||||
|
name: certificate__kp_uuid__iexact
|
||||||
schema:
|
schema:
|
||||||
type: string
|
type: string
|
||||||
format: uuid
|
format: uuid
|
||||||
- in: query
|
- in: query
|
||||||
name: base_dn
|
name: certificate__name__iexact
|
||||||
schema:
|
schema:
|
||||||
type: string
|
type: string
|
||||||
- in: query
|
- in: query
|
||||||
name: certificate
|
name: gid_start_number__iexact
|
||||||
schema:
|
|
||||||
type: string
|
|
||||||
format: uuid
|
|
||||||
- in: query
|
|
||||||
name: gid_start_number
|
|
||||||
schema:
|
schema:
|
||||||
type: integer
|
type: integer
|
||||||
- in: query
|
- in: query
|
||||||
name: name
|
name: name__iexact
|
||||||
schema:
|
schema:
|
||||||
type: string
|
type: string
|
||||||
- name: ordering
|
- name: ordering
|
||||||
|
@ -10043,15 +10050,6 @@ paths:
|
||||||
description: Number of results to return per page.
|
description: Number of results to return per page.
|
||||||
schema:
|
schema:
|
||||||
type: integer
|
type: integer
|
||||||
- in: query
|
|
||||||
name: property_mappings
|
|
||||||
schema:
|
|
||||||
type: array
|
|
||||||
items:
|
|
||||||
type: string
|
|
||||||
format: uuid
|
|
||||||
explode: true
|
|
||||||
style: form
|
|
||||||
- name: search
|
- name: search
|
||||||
required: false
|
required: false
|
||||||
in: query
|
in: query
|
||||||
|
@ -10059,16 +10057,20 @@ paths:
|
||||||
schema:
|
schema:
|
||||||
type: string
|
type: string
|
||||||
- in: query
|
- in: query
|
||||||
name: search_group
|
name: search_group__group_uuid__iexact
|
||||||
schema:
|
schema:
|
||||||
type: string
|
type: string
|
||||||
format: uuid
|
format: uuid
|
||||||
- in: query
|
- in: query
|
||||||
name: tls_server_name
|
name: search_group__name__iexact
|
||||||
schema:
|
schema:
|
||||||
type: string
|
type: string
|
||||||
- in: query
|
- in: query
|
||||||
name: uid_start_number
|
name: tls_server_name__iexact
|
||||||
|
schema:
|
||||||
|
type: string
|
||||||
|
- in: query
|
||||||
|
name: uid_start_number__iexact
|
||||||
schema:
|
schema:
|
||||||
type: integer
|
type: integer
|
||||||
tags:
|
tags:
|
||||||
|
@ -10570,102 +10572,56 @@ paths:
|
||||||
description: ProxyProvider Viewset
|
description: ProxyProvider Viewset
|
||||||
parameters:
|
parameters:
|
||||||
- in: query
|
- in: query
|
||||||
name: access_code_validity
|
name: application__isnull
|
||||||
|
schema:
|
||||||
|
type: boolean
|
||||||
|
- in: query
|
||||||
|
name: authorization_flow__slug__iexact
|
||||||
schema:
|
schema:
|
||||||
type: string
|
type: string
|
||||||
- in: query
|
- in: query
|
||||||
name: authorization_flow
|
name: basic_auth_enabled__iexact
|
||||||
|
schema:
|
||||||
|
type: boolean
|
||||||
|
- in: query
|
||||||
|
name: basic_auth_password_attribute__iexact
|
||||||
|
schema:
|
||||||
|
type: string
|
||||||
|
- in: query
|
||||||
|
name: basic_auth_user_attribute__iexact
|
||||||
|
schema:
|
||||||
|
type: string
|
||||||
|
- in: query
|
||||||
|
name: certificate__kp_uuid__iexact
|
||||||
schema:
|
schema:
|
||||||
type: string
|
type: string
|
||||||
format: uuid
|
format: uuid
|
||||||
- in: query
|
- in: query
|
||||||
name: basic_auth_enabled
|
name: certificate__name__iexact
|
||||||
|
schema:
|
||||||
|
type: string
|
||||||
|
- in: query
|
||||||
|
name: cookie_domain__iexact
|
||||||
|
schema:
|
||||||
|
type: string
|
||||||
|
- in: query
|
||||||
|
name: external_host__iexact
|
||||||
|
schema:
|
||||||
|
type: string
|
||||||
|
- in: query
|
||||||
|
name: internal_host__iexact
|
||||||
|
schema:
|
||||||
|
type: string
|
||||||
|
- in: query
|
||||||
|
name: internal_host_ssl_validation__iexact
|
||||||
schema:
|
schema:
|
||||||
type: boolean
|
type: boolean
|
||||||
- in: query
|
- in: query
|
||||||
name: basic_auth_password_attribute
|
name: mode__iexact
|
||||||
schema:
|
schema:
|
||||||
type: string
|
type: string
|
||||||
- in: query
|
- in: query
|
||||||
name: basic_auth_user_attribute
|
name: name__iexact
|
||||||
schema:
|
|
||||||
type: string
|
|
||||||
- in: query
|
|
||||||
name: certificate
|
|
||||||
schema:
|
|
||||||
type: string
|
|
||||||
format: uuid
|
|
||||||
- in: query
|
|
||||||
name: client_id
|
|
||||||
schema:
|
|
||||||
type: string
|
|
||||||
- in: query
|
|
||||||
name: client_secret
|
|
||||||
schema:
|
|
||||||
type: string
|
|
||||||
- in: query
|
|
||||||
name: client_type
|
|
||||||
schema:
|
|
||||||
type: string
|
|
||||||
enum:
|
|
||||||
- confidential
|
|
||||||
- public
|
|
||||||
description: |-
|
|
||||||
Confidential clients are capable of maintaining the confidentiality
|
|
||||||
of their credentials. Public clients are incapable.
|
|
||||||
- in: query
|
|
||||||
name: cookie_domain
|
|
||||||
schema:
|
|
||||||
type: string
|
|
||||||
- in: query
|
|
||||||
name: cookie_secret
|
|
||||||
schema:
|
|
||||||
type: string
|
|
||||||
- in: query
|
|
||||||
name: external_host
|
|
||||||
schema:
|
|
||||||
type: string
|
|
||||||
- in: query
|
|
||||||
name: include_claims_in_id_token
|
|
||||||
schema:
|
|
||||||
type: boolean
|
|
||||||
- in: query
|
|
||||||
name: internal_host
|
|
||||||
schema:
|
|
||||||
type: string
|
|
||||||
- in: query
|
|
||||||
name: internal_host_ssl_validation
|
|
||||||
schema:
|
|
||||||
type: boolean
|
|
||||||
- in: query
|
|
||||||
name: issuer_mode
|
|
||||||
schema:
|
|
||||||
type: string
|
|
||||||
enum:
|
|
||||||
- global
|
|
||||||
- per_provider
|
|
||||||
description: Configure how the issuer field of the ID Token should be filled.
|
|
||||||
- in: query
|
|
||||||
name: jwt_alg
|
|
||||||
schema:
|
|
||||||
type: string
|
|
||||||
title: JWT Algorithm
|
|
||||||
enum:
|
|
||||||
- HS256
|
|
||||||
- RS256
|
|
||||||
description: Algorithm used to sign the JWT Token
|
|
||||||
- in: query
|
|
||||||
name: mode
|
|
||||||
schema:
|
|
||||||
type: string
|
|
||||||
enum:
|
|
||||||
- forward_domain
|
|
||||||
- forward_single
|
|
||||||
- proxy
|
|
||||||
description: Enable support for forwardAuth in traefik and nginx auth_request.
|
|
||||||
Exclusive with internal_host.
|
|
||||||
- in: query
|
|
||||||
name: name
|
|
||||||
schema:
|
schema:
|
||||||
type: string
|
type: string
|
||||||
- name: ordering
|
- name: ordering
|
||||||
|
@ -10687,7 +10643,7 @@ paths:
|
||||||
schema:
|
schema:
|
||||||
type: integer
|
type: integer
|
||||||
- in: query
|
- in: query
|
||||||
name: property_mappings
|
name: property_mappings__iexact
|
||||||
schema:
|
schema:
|
||||||
type: array
|
type: array
|
||||||
items:
|
items:
|
||||||
|
@ -10696,14 +10652,9 @@ paths:
|
||||||
explode: true
|
explode: true
|
||||||
style: form
|
style: form
|
||||||
- in: query
|
- in: query
|
||||||
name: redirect_uris
|
name: redirect_uris__iexact
|
||||||
schema:
|
schema:
|
||||||
type: string
|
type: string
|
||||||
- in: query
|
|
||||||
name: rsa_key
|
|
||||||
schema:
|
|
||||||
type: string
|
|
||||||
format: uuid
|
|
||||||
- name: search
|
- name: search
|
||||||
required: false
|
required: false
|
||||||
in: query
|
in: query
|
||||||
|
@ -10711,22 +10662,7 @@ paths:
|
||||||
schema:
|
schema:
|
||||||
type: string
|
type: string
|
||||||
- in: query
|
- in: query
|
||||||
name: skip_path_regex
|
name: skip_path_regex__iexact
|
||||||
schema:
|
|
||||||
type: string
|
|
||||||
- in: query
|
|
||||||
name: sub_mode
|
|
||||||
schema:
|
|
||||||
type: string
|
|
||||||
enum:
|
|
||||||
- hashed_user_id
|
|
||||||
- user_email
|
|
||||||
- user_upn
|
|
||||||
- user_username
|
|
||||||
description: Configure what data should be used as unique User Identifier.
|
|
||||||
For most cases, the default should be fine.
|
|
||||||
- in: query
|
|
||||||
name: token_validity
|
|
||||||
schema:
|
schema:
|
||||||
type: string
|
type: string
|
||||||
tags:
|
tags:
|
||||||
|
|
Reference in a new issue