diff --git a/authentik/sources/oauth/api/source.py b/authentik/sources/oauth/api/source.py index 72c8b96108..28de050faf 100644 --- a/authentik/sources/oauth/api/source.py +++ b/authentik/sources/oauth/api/source.py @@ -130,7 +130,13 @@ class OAuthSourceSerializer(SourceSerializer): "oidc_jwks_url", "oidc_jwks", ] - extra_kwargs = {"consumer_secret": {"write_only": True}} + extra_kwargs = { + "consumer_secret": {"write_only": True}, + "request_token_url": {"allow_blank": True}, + "authorization_url": {"allow_blank": True}, + "access_token_url": {"allow_blank": True}, + "profile_url": {"allow_blank": True}, + } class OAuthSourceFilter(FilterSet): diff --git a/blueprints/schema.json b/blueprints/schema.json index 9fcbfd9180..757f71cd64 100644 --- a/blueprints/schema.json +++ b/blueprints/schema.json @@ -4547,7 +4547,6 @@ "null" ], "maxLength": 255, - "minLength": 1, "title": "Request Token URL", "description": "URL used to request the initial token. This URL is only required for OAuth 1." }, @@ -4557,7 +4556,6 @@ "null" ], "maxLength": 255, - "minLength": 1, "title": "Authorization URL", "description": "URL the user is redirect to to conest the flow." }, @@ -4567,7 +4565,6 @@ "null" ], "maxLength": 255, - "minLength": 1, "title": "Access Token URL", "description": "URL used by authentik to retrieve tokens." }, @@ -4577,7 +4574,6 @@ "null" ], "maxLength": 255, - "minLength": 1, "title": "Profile URL", "description": "URL used by authentik to get user information." }, @@ -5782,7 +5778,8 @@ "device_type_restrictions": { "type": "array", "items": { - "type": "integer" + "type": "string", + "format": "uuid" }, "title": "Device type restrictions" } diff --git a/locale/zh-Hans/LC_MESSAGES/django.po b/locale/zh-Hans/LC_MESSAGES/django.po index 069f6ab41d..829b80cb5f 100644 --- a/locale/zh-Hans/LC_MESSAGES/django.po +++ b/locale/zh-Hans/LC_MESSAGES/django.po @@ -14,7 +14,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2024-04-01 23:02+0000\n" +"POT-Creation-Date: 2024-04-09 00:08+0000\n" "PO-Revision-Date: 2022-09-26 16:47+0000\n" "Last-Translator: deluxghost, 2024\n" "Language-Team: Chinese Simplified (https://app.transifex.com/authentik/teams/119923/zh-Hans/)\n" @@ -2287,6 +2287,19 @@ msgstr "WebAuthn 设备" msgid "WebAuthn Devices" msgstr "WebAuthn 设备" +#: authentik/stages/authenticator_webauthn/models.py +msgid "WebAuthn Device type" +msgstr "WebAuthn 设备类型" + +#: authentik/stages/authenticator_webauthn/models.py +msgid "WebAuthn Device types" +msgstr "WebAuthn 设备类型" + +#: authentik/stages/authenticator_webauthn/stage.py +#, python-brace-format +msgid "Invalid device type. Contact your {brand} administrator for help." +msgstr "无效的设备类型。请联系您的 {brand} 管理员获得帮助。" + #: authentik/stages/captcha/models.py msgid "Public key, acquired your captcha Provider." msgstr "公钥,从您的验证码提供商处取得。" diff --git a/locale/zh_CN/LC_MESSAGES/django.po b/locale/zh_CN/LC_MESSAGES/django.po index 4cd76cff06..a2b33304ec 100644 --- a/locale/zh_CN/LC_MESSAGES/django.po +++ b/locale/zh_CN/LC_MESSAGES/django.po @@ -14,7 +14,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2024-04-01 23:02+0000\n" +"POT-Creation-Date: 2024-04-09 00:08+0000\n" "PO-Revision-Date: 2022-09-26 16:47+0000\n" "Last-Translator: deluxghost, 2024\n" "Language-Team: Chinese (China) (https://app.transifex.com/authentik/teams/119923/zh_CN/)\n" @@ -2287,6 +2287,19 @@ msgstr "WebAuthn 设备" msgid "WebAuthn Devices" msgstr "WebAuthn 设备" +#: authentik/stages/authenticator_webauthn/models.py +msgid "WebAuthn Device type" +msgstr "WebAuthn 设备类型" + +#: authentik/stages/authenticator_webauthn/models.py +msgid "WebAuthn Device types" +msgstr "WebAuthn 设备类型" + +#: authentik/stages/authenticator_webauthn/stage.py +#, python-brace-format +msgid "Invalid device type. Contact your {brand} administrator for help." +msgstr "无效的设备类型。请联系您的 {brand} 管理员获得帮助。" + #: authentik/stages/captcha/models.py msgid "Public key, acquired your captcha Provider." msgstr "公钥,从您的验证码提供商处取得。" diff --git a/schema.yml b/schema.yml index 7255a0888a..27e3a56977 100644 --- a/schema.yml +++ b/schema.yml @@ -35551,26 +35551,22 @@ components: request_token_url: type: string nullable: true - minLength: 1 description: URL used to request the initial token. This URL is only required for OAuth 1. maxLength: 255 authorization_url: type: string nullable: true - minLength: 1 description: URL the user is redirect to to conest the flow. maxLength: 255 access_token_url: type: string nullable: true - minLength: 1 description: URL used by authentik to retrieve tokens. maxLength: 255 profile_url: type: string nullable: true - minLength: 1 description: URL used by authentik to get user information. maxLength: 255 consumer_key: @@ -38563,26 +38559,22 @@ components: request_token_url: type: string nullable: true - minLength: 1 description: URL used to request the initial token. This URL is only required for OAuth 1. maxLength: 255 authorization_url: type: string nullable: true - minLength: 1 description: URL the user is redirect to to conest the flow. maxLength: 255 access_token_url: type: string nullable: true - minLength: 1 description: URL used by authentik to retrieve tokens. maxLength: 255 profile_url: type: string nullable: true - minLength: 1 description: URL used by authentik to get user information. maxLength: 255 consumer_key: diff --git a/web/package-lock.json b/web/package-lock.json index 577ddcfce5..35c7c0dd6d 100644 --- a/web/package-lock.json +++ b/web/package-lock.json @@ -17,7 +17,7 @@ "@codemirror/theme-one-dark": "^6.1.2", "@formatjs/intl-listformat": "^7.5.5", "@fortawesome/fontawesome-free": "^6.5.2", - "@goauthentik/api": "^2024.2.2-1712571709", + "@goauthentik/api": "^2024.2.2-1712687985", "@lit-labs/task": "^3.1.0", "@lit/context": "^1.1.0", "@lit/localize": "^0.12.1", @@ -2840,9 +2840,9 @@ } }, "node_modules/@goauthentik/api": { - "version": "2024.2.2-1712571709", - "resolved": "https://registry.npmjs.org/@goauthentik/api/-/api-2024.2.2-1712571709.tgz", - "integrity": "sha512-+uS+d13aCDC7W3bZk8j3RnqvDq8iivXnP98GHFEoB9pUuMJ1LK7sgJwr2JHmJe5KiFMl0oxycY8VutsBnYmjog==" + "version": "2024.2.2-1712687985", + "resolved": "https://registry.npmjs.org/@goauthentik/api/-/api-2024.2.2-1712687985.tgz", + "integrity": "sha512-mF9yULFs9O8zi32hVNmPH1La7DeRXr24UQu2zpih5kEIHufvvCV8cnnwKJp+PFEU9+Vm5B8sdNtqSfNAOM7GLA==" }, "node_modules/@hcaptcha/types": { "version": "1.0.3", diff --git a/web/package.json b/web/package.json index 8fbce857b9..7068bb5357 100644 --- a/web/package.json +++ b/web/package.json @@ -38,7 +38,7 @@ "@codemirror/theme-one-dark": "^6.1.2", "@formatjs/intl-listformat": "^7.5.5", "@fortawesome/fontawesome-free": "^6.5.2", - "@goauthentik/api": "^2024.2.2-1712571709", + "@goauthentik/api": "^2024.2.2-1712687985", "@lit-labs/task": "^3.1.0", "@lit/context": "^1.1.0", "@lit/localize": "^0.12.1", diff --git a/web/src/admin/sources/oauth/OAuthSourceForm.ts b/web/src/admin/sources/oauth/OAuthSourceForm.ts index 3820dff002..b63f8b92e1 100644 --- a/web/src/admin/sources/oauth/OAuthSourceForm.ts +++ b/web/src/admin/sources/oauth/OAuthSourceForm.ts @@ -108,7 +108,6 @@ export class OAuthSourceForm extends WithCapabilitiesConfig(BaseSourceForm

${msg("URL the user is redirect to to consent the authorization.")}

- +

${msg("URL used by authentik to retrieve tokens.")}

- +

${msg("URL used by authentik to get user information.")} diff --git a/web/src/elements/ak-dual-select/ak-dual-select-provider.ts b/web/src/elements/ak-dual-select/ak-dual-select-provider.ts index bb402a3bee..147e2f01a9 100644 --- a/web/src/elements/ak-dual-select/ak-dual-select-provider.ts +++ b/web/src/elements/ak-dual-select/ak-dual-select-provider.ts @@ -55,8 +55,6 @@ export class AkDualSelectProvider extends CustomListenerElement(AKElement) { private pagination?: Pagination; - selectedMap: WeakMap = new WeakMap(); - constructor() { super(); setTimeout(() => this.fetch(1), 0); @@ -72,16 +70,14 @@ export class AkDualSelectProvider extends CustomListenerElement(AKElement) { willUpdate(changedProperties: PropertyValues) { if (changedProperties.has("searchDelay")) { - this.doSearch = debounce(this.doSearch.bind(this), this.searchDelay); + this.doSearch = debounce( + AkDualSelectProvider.prototype.doSearch.bind(this), + this.searchDelay, + ); } if (changedProperties.has("provider")) { this.pagination = undefined; - const previousProvider = changedProperties.get("provider"); - if (previousProvider) { - this.selectedMap.set(previousProvider, this.selected); - this.selected = this.selectedMap.get(this.provider) ?? []; - } this.fetch(); } } diff --git a/web/xliff/zh-Hans.xlf b/web/xliff/zh-Hans.xlf index 53bc5d6bb9..36756e1d09 100644 --- a/web/xliff/zh-Hans.xlf +++ b/web/xliff/zh-Hans.xlf @@ -1,4 +1,4 @@ - + @@ -596,9 +596,9 @@ - The URL "" was not found. - 未找到 URL " - "。 + The URL "" was not found. + 未找到 URL " + "。 @@ -1040,8 +1040,8 @@ - To allow any redirect URI, set this value to ".*". Be aware of the possible security implications this can have. - 要允许任何重定向 URI,请将此值设置为 ".*"。请注意这可能带来的安全影响。 + To allow any redirect URI, set this value to ".*". Be aware of the possible security implications this can have. + 要允许任何重定向 URI,请将此值设置为 ".*"。请注意这可能带来的安全影响。 @@ -1782,8 +1782,8 @@ - Either input a full URL, a relative path, or use 'fa://fa-test' to use the Font Awesome icon "fa-test". - 输入完整 URL、相对路径,或者使用 'fa://fa-test' 来使用 Font Awesome 图标 "fa-test"。 + Either input a full URL, a relative path, or use 'fa://fa-test' to use the Font Awesome icon "fa-test". + 输入完整 URL、相对路径,或者使用 'fa://fa-test' 来使用 Font Awesome 图标 "fa-test"。 @@ -2961,8 +2961,8 @@ doesn't pass when either or both of the selected options are equal or above the - Field which contains members of a group. Note that if using the "memberUid" field, the value is assumed to contain a relative distinguished name. e.g. 'memberUid=some-user' instead of 'memberUid=cn=some-user,ou=groups,...' - 包含组成员的字段。请注意,如果使用 "memberUid" 字段,则假定该值包含相对可分辨名称。例如,'memberUid=some-user' 而不是 'memberUid=cn=some-user,ou=groups,...' + Field which contains members of a group. Note that if using the "memberUid" field, the value is assumed to contain a relative distinguished name. e.g. 'memberUid=some-user' instead of 'memberUid=cn=some-user,ou=groups,...' + 包含组成员的字段。请注意,如果使用 "memberUid" 字段,则假定该值包含相对可分辨名称。例如,'memberUid=some-user' 而不是 'memberUid=cn=some-user,ou=groups,...' @@ -3739,8 +3739,8 @@ doesn't pass when either or both of the selected options are equal or above the - When using an external logging solution for archiving, this can be set to "minutes=5". - 使用外部日志记录解决方案进行存档时,可以将其设置为 "minutes=5"。 + When using an external logging solution for archiving, this can be set to "minutes=5". + 使用外部日志记录解决方案进行存档时,可以将其设置为 "minutes=5"。 @@ -3916,10 +3916,10 @@ doesn't pass when either or both of the selected options are equal or above the - Are you sure you want to update ""? + Are you sure you want to update ""? 您确定要更新 - " - " 吗? + " + " 吗? @@ -5000,7 +5000,7 @@ doesn't pass when either or both of the selected options are equal or above the - A "roaming" authenticator, like a YubiKey + A "roaming" authenticator, like a YubiKey 像 YubiKey 这样的“漫游”身份验证器 @@ -5335,10 +5335,10 @@ doesn't pass when either or both of the selected options are equal or above the - ("", of type ) + ("", of type ) - (" - ",类型为 + (" + ",类型为 @@ -5387,7 +5387,7 @@ doesn't pass when either or both of the selected options are equal or above the - If set to a duration above 0, the user will have the option to choose to "stay signed in", which will extend their session by the time specified here. + If set to a duration above 0, the user will have the option to choose to "stay signed in", which will extend their session by the time specified here. 如果设置时长大于 0,用户可以选择“保持登录”选项,这将使用户的会话延长此处设置的时间。 @@ -7839,7 +7839,7 @@ Bindings to groups/users are checked against the user of the event. 成功创建用户并添加到组 - This user will be added to the group "". + This user will be added to the group "". 此用户将会被添加到组 ""。 @@ -8526,16 +8526,20 @@ Bindings to groups/users are checked against the user of the event. Device type restrictions + 设备类型限制 Available Device types + 可用设备类型 Selected Device types + 已选设备类型 Optionally restrict which WebAuthn device types may be used. When no device types are selected, all devices are allowed. + 可选的 WebAuthn 可用设备类型限制。如果未选择设备类型,则允许所有设备。 - + \ No newline at end of file diff --git a/web/xliff/zh_CN.xlf b/web/xliff/zh_CN.xlf index b56ff7a58b..1c87ecf6d3 100644 --- a/web/xliff/zh_CN.xlf +++ b/web/xliff/zh_CN.xlf @@ -8523,6 +8523,22 @@ Bindings to groups/users are checked against the user of the event. A selection is required 需要进行选择 + + + Device type restrictions + 设备类型限制 + + + Available Device types + 可用设备类型 + + + Selected Device types + 已选设备类型 + + + Optionally restrict which WebAuthn device types may be used. When no device types are selected, all devices are allowed. + 可选的 WebAuthn 可用设备类型限制。如果未选择设备类型,则允许所有设备。