tenants: add web certificate field, make authentik's core certificate configurable based on keypair

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 11:43:45 +01:00
parent 9e2492be5c
commit 34b11524f1
17 changed files with 358 additions and 12 deletions
--- a/web/src/locales/en.po
+++ b/web/src/locales/en.po
@ -2709,6 +2709,7 @@ msgstr "Loading"
 #: src/pages/tenants/TenantForm.ts
 #: src/pages/tenants/TenantForm.ts
 #: src/pages/tenants/TenantForm.ts
+#: src/pages/tenants/TenantForm.ts
 #: src/pages/tokens/TokenForm.ts
 #: src/pages/users/UserForm.ts
 #: src/pages/users/UserResetEmailForm.ts
@ -5809,6 +5810,10 @@ msgstr "Warning: You're about to delete the user you're logged in as ({0}). Proc
 msgid "Warning: authentik Domain is not configured, authentication will not work."
 msgstr "Warning: authentik Domain is not configured, authentication will not work."

+#: src/pages/tenants/TenantForm.ts
+msgid "Web Certificate"
+msgstr "Web Certificate"
+
 #: src/pages/stages/authenticator_validate/AuthenticatorValidateStageForm.ts
 msgid "WebAuthn Authenticators"
 msgstr "WebAuthn Authenticators"
--- a/web/src/locales/fr_FR.po
+++ b/web/src/locales/fr_FR.po
@ -2688,6 +2688,7 @@ msgstr "Chargement en cours"
 #: src/pages/tenants/TenantForm.ts
 #: src/pages/tenants/TenantForm.ts
 #: src/pages/tenants/TenantForm.ts
+#: src/pages/tenants/TenantForm.ts
 #: src/pages/tokens/TokenForm.ts
 #: src/pages/users/UserForm.ts
 #: src/pages/users/UserResetEmailForm.ts
@ -5747,6 +5748,10 @@ msgstr ""
 msgid "Warning: authentik Domain is not configured, authentication will not work."
 msgstr "Avertissement : le domaine d'authentik n'est pas configuré, l'authentification ne fonctionnera pas."

+#: src/pages/tenants/TenantForm.ts
+msgid "Web Certificate"
+msgstr ""
+
 #: src/pages/stages/authenticator_validate/AuthenticatorValidateStageForm.ts
 msgid "WebAuthn Authenticators"
 msgstr "Authentificateurs WebAuthn"
--- a/web/src/locales/pseudo-LOCALE.po
+++ b/web/src/locales/pseudo-LOCALE.po
@ -2699,6 +2699,7 @@ msgstr ""
 #: src/pages/tenants/TenantForm.ts
 #: src/pages/tenants/TenantForm.ts
 #: src/pages/tenants/TenantForm.ts
+#: src/pages/tenants/TenantForm.ts
 #: src/pages/tokens/TokenForm.ts
 #: src/pages/users/UserForm.ts
 #: src/pages/users/UserResetEmailForm.ts
@ -5789,6 +5790,10 @@ msgstr ""
 msgid "Warning: authentik Domain is not configured, authentication will not work."
 msgstr ""

+#: src/pages/tenants/TenantForm.ts
+msgid "Web Certificate"
+msgstr ""
+
 #: src/pages/stages/authenticator_validate/AuthenticatorValidateStageForm.ts
 msgid "WebAuthn Authenticators"
 msgstr ""
--- a/web/src/pages/tenants/TenantForm.ts
+++ b/web/src/pages/tenants/TenantForm.ts
@ -2,9 +2,16 @@ import { t } from "@lingui/macro";

 import { TemplateResult, html } from "lit";
 import { customElement } from "lit/decorators.js";
+import { ifDefined } from "lit/directives/if-defined.js";
 import { until } from "lit/directives/until.js";

-import { CoreApi, FlowsApi, FlowsInstancesListDesignationEnum, Tenant } from "@goauthentik/api";
+import {
+    CoreApi,
+    CryptoApi,
+    FlowsApi,
+    FlowsInstancesListDesignationEnum,
+    Tenant,
+} from "@goauthentik/api";

 import { DEFAULT_CONFIG } from "../../api/Config";
 import "../../elements/forms/FormGroup";
@ -297,6 +304,35 @@ export class TenantForm extends ModelForm<Tenant, string> {
                            ${t`Format: "weeks=3;days=2;hours=3,seconds=2".`}
                        </p>
                    </ak-form-element-horizontal>
+                    <ak-form-element-horizontal label=${t`Web Certificate`} name="webCertificate">
+                        <select class="pf-c-form-control">
+                            <option
+                                value=""
+                                ?selected=${this.instance?.webCertificate === undefined}
+                            >
+                                ---------
+                            </option>
+                            ${until(
+                                new CryptoApi(DEFAULT_CONFIG)
+                                    .cryptoCertificatekeypairsList({
+                                        ordering: "name",
+                                        hasKey: true,
+                                    })
+                                    .then((keys) => {
+                                        return keys.results.map((key) => {
+                                            return html`<option
+                                                value=${ifDefined(key.pk)}
+                                                ?selected=${this.instance?.webCertificate ===
+                                                key.pk}
+                                            >
+                                                ${key.name}
+                                            </option>`;
+                                        });
+                                    }),
+                                html`<option>${t`Loading...`}</option>`,
+                            )}
+                        </select>
+                    </ak-form-element-horizontal>
                </div>
            </ak-form-group>
        </form>`;