habsi/authentik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

sources/oauth: save null instead of empty string for sources without configurable URLs

Browse Source 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer
2021-04-17 21:13:33 +02:00
parent a0cd17a257
commit 52abd959eb
9 changed files with 176 additions and 74 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
authentik/sources/oauth/clients/base.py
View File

@ -60,9 +60,9 @@ class BaseOAuthClient:
args.update(additional) args.update(additional)
params = urlencode(args) params = urlencode(args)
LOGGER.info("redirect args", **args) LOGGER.info("redirect args", **args)
base_url = self.source.authorization_url base_url = self.source.type.authorization_url
if not self.source.type.urls_customizable: if self.source.authorization_url:
base_url = self.source.type.authorization_url base_url = self.source.authorization_url
if base_url == "": if base_url == "":
Event.new( Event.new(
EventAction.CONFIGURATION_ERROR, EventAction.CONFIGURATION_ERROR,

12
authentik/sources/oauth/clients/oauth1.py
View File

@ -28,9 +28,9 @@ class OAuthClient(BaseOAuthClient):
if raw_token is not None and verifier is not None: if raw_token is not None and verifier is not None:
token = self.parse_raw_token(raw_token) token = self.parse_raw_token(raw_token)
try: try:
access_token_url: str = self.source.access_token_url access_token_url: str = self.source.type.access_token_url or ""
if not self.source.type.urls_customizable: if self.source.access_token_url:
access_token_url = self.source.type.access_token_url or "" access_token_url = self.source.access_token_url
response = self.do_request( response = self.do_request(
"post", "post",
access_token_url, access_token_url,
@ -51,9 +51,9 @@ class OAuthClient(BaseOAuthClient):
"Fetch the OAuth request token. Only required for OAuth 1.0." "Fetch the OAuth request token. Only required for OAuth 1.0."
callback = self.request.build_absolute_uri(self.callback) callback = self.request.build_absolute_uri(self.callback)
try: try:
request_token_url: str = self.source.request_token_url request_token_url: str = self.source.type.request_token_url or ""
if not self.source.type.urls_customizable: if self.source.request_token_url:
request_token_url = self.source.type.request_token_url or "" request_token_url = self.source.request_token_url
response = self.do_request( response = self.do_request(
"post", "post",
request_token_url, request_token_url,

6
authentik/sources/oauth/clients/oauth2.py
View File

@ -56,9 +56,9 @@ class OAuth2Client(BaseOAuthClient):
LOGGER.warning("No code returned by the source") LOGGER.warning("No code returned by the source")
return None return None
try: try:
access_token_url = self.source.access_token_url access_token_url = self.source.type.access_token_url or ""
if not self.source.type.urls_customizable: if self.source.access_token_url:
access_token_url = self.source.type.access_token_url or "" access_token_url = self.source.access_token_url
response = self.session.request( response = self.session.request(
"post", "post",
access_token_url, access_token_url,

79
authentik/sources/oauth/migrations/0004_auto_20210417_1900.py Normal file
View File

@ -0,0 +1,79 @@
# Generated by Django 3.2 on 2021-04-17 19:00
from django.apps.registry import Apps
from django.db import migrations, models
from django.db.backends.base.schema import BaseDatabaseSchemaEditor
def update_empty_urls(apps: Apps, schema_editor: BaseDatabaseSchemaEditor):
OAuthSource = apps.get_model("authentik_sources_oauth", "oauthsource")
db_alias = schema_editor.connection.alias
for source in OAuthSource.objects.using(db_alias).all():
changed = False
if source.access_token_url == "":
source.access_token_url = None
changed = True
if source.authorization_url == "":
source.authorization_url = None
changed = True
if source.profile_url == "":
source.profile_url = None
changed = True
if source.request_token_url == "":
source.request_token_url = None
changed = True
if changed:
source.save()
class Migration(migrations.Migration):
dependencies = [
("authentik_sources_oauth", "0003_auto_20210416_0726"),
]
operations = [
migrations.AlterField(
model_name="oauthsource",
name="access_token_url",
field=models.CharField(
help_text="URL used by authentik to retrive tokens.",
max_length=255,
null=True,
verbose_name="Access Token URL",
),
),
migrations.AlterField(
model_name="oauthsource",
name="authorization_url",
field=models.CharField(
help_text="URL the user is redirect to to conest the flow.",
max_length=255,
null=True,
verbose_name="Authorization URL",
),
),
migrations.AlterField(
model_name="oauthsource",
name="profile_url",
field=models.CharField(
help_text="URL used by authentik to get user information.",
max_length=255,
null=True,
verbose_name="Profile URL",
),
),
migrations.AlterField(
model_name="oauthsource",
name="request_token_url",
field=models.CharField(
help_text="URL used to request the initial token. This URL is only required for OAuth 1.",
max_length=255,
null=True,
verbose_name="Request Token URL",
),
),
migrations.RunPython(update_empty_urls),
]

8
authentik/sources/oauth/models.py
View File

@ -19,7 +19,7 @@ class OAuthSource(Source):
provider_type = models.CharField(max_length=255) provider_type = models.CharField(max_length=255)
request_token_url = models.CharField( request_token_url = models.CharField(
blank=True, null=True,
max_length=255, max_length=255,
verbose_name=_("Request Token URL"), verbose_name=_("Request Token URL"),
help_text=_( help_text=_(
@ -28,19 +28,19 @@ class OAuthSource(Source):
) )
authorization_url = models.CharField( authorization_url = models.CharField(
max_length=255, max_length=255,
blank=True, null=True,
verbose_name=_("Authorization URL"), verbose_name=_("Authorization URL"),
help_text=_("URL the user is redirect to to conest the flow."), help_text=_("URL the user is redirect to to conest the flow."),
) )
access_token_url = models.CharField( access_token_url = models.CharField(
max_length=255, max_length=255,
blank=True, null=True,
verbose_name=_("Access Token URL"), verbose_name=_("Access Token URL"),
help_text=_("URL used by authentik to retrive tokens."), help_text=_("URL used by authentik to retrive tokens."),
) )
profile_url = models.CharField( profile_url = models.CharField(
max_length=255, max_length=255,
blank=True, null=True,
verbose_name=_("Profile URL"), verbose_name=_("Profile URL"),
help_text=_("URL used by authentik to get user information."), help_text=_("URL used by authentik to get user information."),
) )

8
swagger.yaml
View File

@ -17034,21 +17034,29 @@ definitions:
for OAuth 1. for OAuth 1.
type: string type: string
maxLength: 255 maxLength: 255
minLength: 1
x-nullable: true
authorization_url: authorization_url:
title: Authorization URL title: Authorization URL
description: URL the user is redirect to to conest the flow. description: URL the user is redirect to to conest the flow.
type: string type: string
maxLength: 255 maxLength: 255
minLength: 1
x-nullable: true
access_token_url: access_token_url:
title: Access Token URL title: Access Token URL
description: URL used by authentik to retrive tokens. description: URL used by authentik to retrive tokens.
type: string type: string
maxLength: 255 maxLength: 255
minLength: 1
x-nullable: true
profile_url: profile_url:
title: Profile URL title: Profile URL
description: URL used by authentik to get user information. description: URL used by authentik to get user information.
type: string type: string
maxLength: 255 maxLength: 255
minLength: 1
x-nullable: true
consumer_key: consumer_key:
title: Consumer key title: Consumer key
type: string type: string

52
web/src/locales/en.po
View File

@ -68,7 +68,7 @@ msgstr "API request failed"
msgid "Access Key" msgid "Access Key"
msgstr "Access Key" msgstr "Access Key"
#: src/pages/sources/oauth/OAuthSourceForm.ts:72 #: src/pages/sources/oauth/OAuthSourceForm.ts:73
msgid "Access token URL" msgid "Access token URL"
msgstr "Access token URL" msgstr "Access token URL"
@ -274,7 +274,7 @@ msgstr "Audience"
msgid "Authentication" msgid "Authentication"
msgstr "Authentication" msgstr "Authentication"
#: src/pages/sources/oauth/OAuthSourceForm.ts:175 #: src/pages/sources/oauth/OAuthSourceForm.ts:189
#: src/pages/sources/saml/SAMLSourceForm.ts:245 #: src/pages/sources/saml/SAMLSourceForm.ts:245
msgid "Authentication flow" msgid "Authentication flow"
msgstr "Authentication flow" msgstr "Authentication flow"
@ -292,7 +292,7 @@ msgstr "Authorization"
msgid "Authorization Code" msgid "Authorization Code"
msgstr "Authorization Code" msgstr "Authorization Code"
#: src/pages/sources/oauth/OAuthSourceForm.ts:65 #: src/pages/sources/oauth/OAuthSourceForm.ts:66
#: src/pages/sources/oauth/OAuthSourceViewPage.ts:95 #: src/pages/sources/oauth/OAuthSourceViewPage.ts:95
msgid "Authorization URL" msgid "Authorization URL"
msgstr "Authorization URL" msgstr "Authorization URL"
@ -649,11 +649,11 @@ msgstr "Consider Objects matching this filter to be Groups."
msgid "Consider Objects matching this filter to be Users." msgid "Consider Objects matching this filter to be Users."
msgstr "Consider Objects matching this filter to be Users." msgstr "Consider Objects matching this filter to be Users."
#: src/pages/sources/oauth/OAuthSourceForm.ts:124 #: src/pages/sources/oauth/OAuthSourceForm.ts:126
msgid "Consumer key" msgid "Consumer key"
msgstr "Consumer key" msgstr "Consumer key"
#: src/pages/sources/oauth/OAuthSourceForm.ts:130 #: src/pages/sources/oauth/OAuthSourceForm.ts:132
msgid "Consumer secret" msgid "Consumer secret"
msgstr "Consumer secret" msgstr "Consumer secret"
@ -1107,7 +1107,7 @@ msgstr "Enable TOTP"
#: src/pages/policies/BoundPoliciesList.ts:37 #: src/pages/policies/BoundPoliciesList.ts:37
#: src/pages/policies/PolicyBindingForm.ts:198 #: src/pages/policies/PolicyBindingForm.ts:198
#: src/pages/sources/ldap/LDAPSourceForm.ts:69 #: src/pages/sources/ldap/LDAPSourceForm.ts:69
#: src/pages/sources/oauth/OAuthSourceForm.ts:113 #: src/pages/sources/oauth/OAuthSourceForm.ts:115
#: src/pages/sources/saml/SAMLSourceForm.ts:69 #: src/pages/sources/saml/SAMLSourceForm.ts:69
msgid "Enabled" msgid "Enabled"
msgstr "Enabled" msgstr "Enabled"
@ -1116,7 +1116,7 @@ msgstr "Enabled"
msgid "Enrollment" msgid "Enrollment"
msgstr "Enrollment" msgstr "Enrollment"
#: src/pages/sources/oauth/OAuthSourceForm.ts:196 #: src/pages/sources/oauth/OAuthSourceForm.ts:210
#: src/pages/sources/saml/SAMLSourceForm.ts:266 #: src/pages/sources/saml/SAMLSourceForm.ts:266
#: src/pages/stages/identification/IdentificationStageForm.ts:107 #: src/pages/stages/identification/IdentificationStageForm.ts:107
msgid "Enrollment flow" msgid "Enrollment flow"
@ -1328,17 +1328,17 @@ msgstr "Flow"
msgid "Flow Overview" msgid "Flow Overview"
msgstr "Flow Overview" msgstr "Flow Overview"
#: src/pages/sources/oauth/OAuthSourceForm.ts:171 #: src/pages/sources/oauth/OAuthSourceForm.ts:185
#: src/pages/sources/saml/SAMLSourceForm.ts:220 #: src/pages/sources/saml/SAMLSourceForm.ts:220
msgid "Flow settings" msgid "Flow settings"
msgstr "Flow settings" msgstr "Flow settings"
#: src/pages/sources/oauth/OAuthSourceForm.ts:193 #: src/pages/sources/oauth/OAuthSourceForm.ts:207
#: src/pages/sources/saml/SAMLSourceForm.ts:263 #: src/pages/sources/saml/SAMLSourceForm.ts:263
msgid "Flow to use when authenticating existing users." msgid "Flow to use when authenticating existing users."
msgstr "Flow to use when authenticating existing users." msgstr "Flow to use when authenticating existing users."
#: src/pages/sources/oauth/OAuthSourceForm.ts:214 #: src/pages/sources/oauth/OAuthSourceForm.ts:228
#: src/pages/sources/saml/SAMLSourceForm.ts:284 #: src/pages/sources/saml/SAMLSourceForm.ts:284
msgid "Flow to use when enrolling new users." msgid "Flow to use when enrolling new users."
msgstr "Flow to use when enrolling new users." msgstr "Flow to use when enrolling new users."
@ -1718,9 +1718,9 @@ msgstr "Loading"
#: src/pages/providers/saml/SAMLProviderImportForm.ts:55 #: src/pages/providers/saml/SAMLProviderImportForm.ts:55
#: src/pages/sources/ldap/LDAPSourceForm.ts:164 #: src/pages/sources/ldap/LDAPSourceForm.ts:164
#: src/pages/sources/ldap/LDAPSourceForm.ts:190 #: src/pages/sources/ldap/LDAPSourceForm.ts:190
#: src/pages/sources/oauth/OAuthSourceForm.ts:163 #: src/pages/sources/oauth/OAuthSourceForm.ts:177
#: src/pages/sources/oauth/OAuthSourceForm.ts:191 #: src/pages/sources/oauth/OAuthSourceForm.ts:205
#: src/pages/sources/oauth/OAuthSourceForm.ts:212 #: src/pages/sources/oauth/OAuthSourceForm.ts:226
#: src/pages/sources/saml/SAMLSourceForm.ts:126 #: src/pages/sources/saml/SAMLSourceForm.ts:126
#: src/pages/sources/saml/SAMLSourceForm.ts:240 #: src/pages/sources/saml/SAMLSourceForm.ts:240
#: src/pages/sources/saml/SAMLSourceForm.ts:261 #: src/pages/sources/saml/SAMLSourceForm.ts:261
@ -1887,7 +1887,7 @@ msgstr "Monitor"
#: src/pages/sources/SourcesListPage.ts:51 #: src/pages/sources/SourcesListPage.ts:51
#: src/pages/sources/ldap/LDAPSourceForm.ts:54 #: src/pages/sources/ldap/LDAPSourceForm.ts:54
#: src/pages/sources/ldap/LDAPSourceViewPage.ts:64 #: src/pages/sources/ldap/LDAPSourceViewPage.ts:64
#: src/pages/sources/oauth/OAuthSourceForm.ts:98 #: src/pages/sources/oauth/OAuthSourceForm.ts:100
#: src/pages/sources/oauth/OAuthSourceViewPage.ts:63 #: src/pages/sources/oauth/OAuthSourceViewPage.ts:63
#: src/pages/sources/saml/SAMLSourceForm.ts:54 #: src/pages/sources/saml/SAMLSourceForm.ts:54
#: src/pages/sources/saml/SAMLSourceViewPage.ts:66 #: src/pages/sources/saml/SAMLSourceViewPage.ts:66
@ -2338,7 +2338,7 @@ msgstr "Private key available?"
msgid "Private key, acquired from https://www.google.com/recaptcha/intro/v3.html." msgid "Private key, acquired from https://www.google.com/recaptcha/intro/v3.html."
msgstr "Private key, acquired from https://www.google.com/recaptcha/intro/v3.html." msgstr "Private key, acquired from https://www.google.com/recaptcha/intro/v3.html."
#: src/pages/sources/oauth/OAuthSourceForm.ts:79 #: src/pages/sources/oauth/OAuthSourceForm.ts:80
msgid "Profile URL" msgid "Profile URL"
msgstr "Profile URL" msgstr "Profile URL"
@ -2380,7 +2380,7 @@ msgstr "Property mappings used to user creation."
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:81 #: src/pages/providers/oauth2/OAuth2ProviderForm.ts:81
#: src/pages/providers/proxy/ProxyProviderForm.ts:99 #: src/pages/providers/proxy/ProxyProviderForm.ts:99
#: src/pages/providers/saml/SAMLProviderForm.ts:78 #: src/pages/providers/saml/SAMLProviderForm.ts:78
#: src/pages/sources/oauth/OAuthSourceForm.ts:120 #: src/pages/sources/oauth/OAuthSourceForm.ts:122
#: src/pages/sources/saml/SAMLSourceForm.ts:76 #: src/pages/sources/saml/SAMLSourceForm.ts:76
msgid "Protocol settings" msgid "Protocol settings"
msgstr "Protocol settings" msgstr "Protocol settings"
@ -2403,7 +2403,7 @@ msgstr "Provider"
msgid "Provider Type" msgid "Provider Type"
msgstr "Provider Type" msgstr "Provider Type"
#: src/pages/sources/oauth/OAuthSourceForm.ts:136 #: src/pages/sources/oauth/OAuthSourceForm.ts:138
msgid "Provider type" msgid "Provider type"
msgstr "Provider type" msgstr "Provider type"
@ -2529,7 +2529,7 @@ msgstr "Request"
msgid "Request has been denied." msgid "Request has been denied."
msgstr "Request has been denied." msgstr "Request has been denied."
#: src/pages/sources/oauth/OAuthSourceForm.ts:86 #: src/pages/sources/oauth/OAuthSourceForm.ts:87
msgid "Request token URL" msgid "Request token URL"
msgstr "Request token URL" msgstr "Request token URL"
@ -2808,7 +2808,7 @@ msgstr "Skip path regex"
#: src/pages/applications/ApplicationListPage.ts:58 #: src/pages/applications/ApplicationListPage.ts:58
#: src/pages/flows/FlowForm.ts:94 #: src/pages/flows/FlowForm.ts:94
#: src/pages/sources/ldap/LDAPSourceForm.ts:60 #: src/pages/sources/ldap/LDAPSourceForm.ts:60
#: src/pages/sources/oauth/OAuthSourceForm.ts:104 #: src/pages/sources/oauth/OAuthSourceForm.ts:106
#: src/pages/sources/saml/SAMLSourceForm.ts:60 #: src/pages/sources/saml/SAMLSourceForm.ts:60
msgid "Slug" msgid "Slug"
msgstr "Slug" msgstr "Slug"
@ -3027,7 +3027,7 @@ msgid "Successfully created service-connection."
msgstr "Successfully created service-connection." msgstr "Successfully created service-connection."
#: src/pages/sources/ldap/LDAPSourceForm.ts:47 #: src/pages/sources/ldap/LDAPSourceForm.ts:47
#: src/pages/sources/oauth/OAuthSourceForm.ts:50 #: src/pages/sources/oauth/OAuthSourceForm.ts:51
#: src/pages/sources/saml/SAMLSourceForm.ts:47 #: src/pages/sources/saml/SAMLSourceForm.ts:47
msgid "Successfully created source." msgid "Successfully created source."
msgstr "Successfully created source." msgstr "Successfully created source."
@ -3163,7 +3163,7 @@ msgid "Successfully updated service-connection."
msgstr "Successfully updated service-connection." msgstr "Successfully updated service-connection."
#: src/pages/sources/ldap/LDAPSourceForm.ts:44 #: src/pages/sources/ldap/LDAPSourceForm.ts:44
#: src/pages/sources/oauth/OAuthSourceForm.ts:47 #: src/pages/sources/oauth/OAuthSourceForm.ts:48
#: src/pages/sources/saml/SAMLSourceForm.ts:44 #: src/pages/sources/saml/SAMLSourceForm.ts:44
msgid "Successfully updated source." msgid "Successfully updated source."
msgstr "Successfully updated source." msgstr "Successfully updated source."
@ -3425,7 +3425,7 @@ msgstr "UI settings"
msgid "UID" msgid "UID"
msgstr "UID" msgstr "UID"
#: src/pages/sources/oauth/OAuthSourceForm.ts:61 #: src/pages/sources/oauth/OAuthSourceForm.ts:62
msgid "URL settings" msgid "URL settings"
msgstr "URL settings" msgstr "URL settings"
@ -3433,19 +3433,19 @@ msgstr "URL settings"
msgid "URL that the initial Login request is sent to." msgid "URL that the initial Login request is sent to."
msgstr "URL that the initial Login request is sent to." msgstr "URL that the initial Login request is sent to."
#: src/pages/sources/oauth/OAuthSourceForm.ts:69 #: src/pages/sources/oauth/OAuthSourceForm.ts:70
msgid "URL the user is redirect to to consent the authorization." msgid "URL the user is redirect to to consent the authorization."
msgstr "URL the user is redirect to to consent the authorization." msgstr "URL the user is redirect to to consent the authorization."
#: src/pages/sources/oauth/OAuthSourceForm.ts:83 #: src/pages/sources/oauth/OAuthSourceForm.ts:84
msgid "URL used by authentik to get user information." msgid "URL used by authentik to get user information."
msgstr "URL used by authentik to get user information." msgstr "URL used by authentik to get user information."
#: src/pages/sources/oauth/OAuthSourceForm.ts:76 #: src/pages/sources/oauth/OAuthSourceForm.ts:77
msgid "URL used by authentik to retrieve tokens." msgid "URL used by authentik to retrieve tokens."
msgstr "URL used by authentik to retrieve tokens." msgstr "URL used by authentik to retrieve tokens."
#: src/pages/sources/oauth/OAuthSourceForm.ts:89 #: src/pages/sources/oauth/OAuthSourceForm.ts:90
msgid "URL used to request the initial token. This URL is only required for OAuth 1." msgid "URL used to request the initial token. This URL is only required for OAuth 1."
msgstr "URL used to request the initial token. This URL is only required for OAuth 1." msgstr "URL used to request the initial token. This URL is only required for OAuth 1."

52
web/src/locales/pseudo-LOCALE.po
View File

@ -68,7 +68,7 @@ msgstr ""
msgid "Access Key" msgid "Access Key"
msgstr "" msgstr ""
#: src/pages/sources/oauth/OAuthSourceForm.ts:72 #: src/pages/sources/oauth/OAuthSourceForm.ts:73
msgid "Access token URL" msgid "Access token URL"
msgstr "" msgstr ""
@ -270,7 +270,7 @@ msgstr ""
msgid "Authentication" msgid "Authentication"
msgstr "" msgstr ""
#: src/pages/sources/oauth/OAuthSourceForm.ts:175 #: src/pages/sources/oauth/OAuthSourceForm.ts:189
#: src/pages/sources/saml/SAMLSourceForm.ts:245 #: src/pages/sources/saml/SAMLSourceForm.ts:245
msgid "Authentication flow" msgid "Authentication flow"
msgstr "" msgstr ""
@ -288,7 +288,7 @@ msgstr ""
msgid "Authorization Code" msgid "Authorization Code"
msgstr "" msgstr ""
#: src/pages/sources/oauth/OAuthSourceForm.ts:65 #: src/pages/sources/oauth/OAuthSourceForm.ts:66
#: src/pages/sources/oauth/OAuthSourceViewPage.ts:95 #: src/pages/sources/oauth/OAuthSourceViewPage.ts:95
msgid "Authorization URL" msgid "Authorization URL"
msgstr "" msgstr ""
@ -643,11 +643,11 @@ msgstr ""
msgid "Consider Objects matching this filter to be Users." msgid "Consider Objects matching this filter to be Users."
msgstr "" msgstr ""
#: src/pages/sources/oauth/OAuthSourceForm.ts:124 #: src/pages/sources/oauth/OAuthSourceForm.ts:126
msgid "Consumer key" msgid "Consumer key"
msgstr "" msgstr ""
#: src/pages/sources/oauth/OAuthSourceForm.ts:130 #: src/pages/sources/oauth/OAuthSourceForm.ts:132
msgid "Consumer secret" msgid "Consumer secret"
msgstr "" msgstr ""
@ -1099,7 +1099,7 @@ msgstr ""
#: src/pages/policies/BoundPoliciesList.ts:37 #: src/pages/policies/BoundPoliciesList.ts:37
#: src/pages/policies/PolicyBindingForm.ts:198 #: src/pages/policies/PolicyBindingForm.ts:198
#: src/pages/sources/ldap/LDAPSourceForm.ts:69 #: src/pages/sources/ldap/LDAPSourceForm.ts:69
#: src/pages/sources/oauth/OAuthSourceForm.ts:113 #: src/pages/sources/oauth/OAuthSourceForm.ts:115
#: src/pages/sources/saml/SAMLSourceForm.ts:69 #: src/pages/sources/saml/SAMLSourceForm.ts:69
msgid "Enabled" msgid "Enabled"
msgstr "" msgstr ""
@ -1108,7 +1108,7 @@ msgstr ""
msgid "Enrollment" msgid "Enrollment"
msgstr "" msgstr ""
#: src/pages/sources/oauth/OAuthSourceForm.ts:196 #: src/pages/sources/oauth/OAuthSourceForm.ts:210
#: src/pages/sources/saml/SAMLSourceForm.ts:266 #: src/pages/sources/saml/SAMLSourceForm.ts:266
#: src/pages/stages/identification/IdentificationStageForm.ts:107 #: src/pages/stages/identification/IdentificationStageForm.ts:107
msgid "Enrollment flow" msgid "Enrollment flow"
@ -1320,17 +1320,17 @@ msgstr ""
msgid "Flow Overview" msgid "Flow Overview"
msgstr "" msgstr ""
#: src/pages/sources/oauth/OAuthSourceForm.ts:171 #: src/pages/sources/oauth/OAuthSourceForm.ts:185
#: src/pages/sources/saml/SAMLSourceForm.ts:220 #: src/pages/sources/saml/SAMLSourceForm.ts:220
msgid "Flow settings" msgid "Flow settings"
msgstr "" msgstr ""
#: src/pages/sources/oauth/OAuthSourceForm.ts:193 #: src/pages/sources/oauth/OAuthSourceForm.ts:207
#: src/pages/sources/saml/SAMLSourceForm.ts:263 #: src/pages/sources/saml/SAMLSourceForm.ts:263
msgid "Flow to use when authenticating existing users." msgid "Flow to use when authenticating existing users."
msgstr "" msgstr ""
#: src/pages/sources/oauth/OAuthSourceForm.ts:214 #: src/pages/sources/oauth/OAuthSourceForm.ts:228
#: src/pages/sources/saml/SAMLSourceForm.ts:284 #: src/pages/sources/saml/SAMLSourceForm.ts:284
msgid "Flow to use when enrolling new users." msgid "Flow to use when enrolling new users."
msgstr "" msgstr ""
@ -1710,9 +1710,9 @@ msgstr ""
#: src/pages/providers/saml/SAMLProviderImportForm.ts:55 #: src/pages/providers/saml/SAMLProviderImportForm.ts:55
#: src/pages/sources/ldap/LDAPSourceForm.ts:164 #: src/pages/sources/ldap/LDAPSourceForm.ts:164
#: src/pages/sources/ldap/LDAPSourceForm.ts:190 #: src/pages/sources/ldap/LDAPSourceForm.ts:190
#: src/pages/sources/oauth/OAuthSourceForm.ts:163 #: src/pages/sources/oauth/OAuthSourceForm.ts:177
#: src/pages/sources/oauth/OAuthSourceForm.ts:191 #: src/pages/sources/oauth/OAuthSourceForm.ts:205
#: src/pages/sources/oauth/OAuthSourceForm.ts:212 #: src/pages/sources/oauth/OAuthSourceForm.ts:226
#: src/pages/sources/saml/SAMLSourceForm.ts:126 #: src/pages/sources/saml/SAMLSourceForm.ts:126
#: src/pages/sources/saml/SAMLSourceForm.ts:240 #: src/pages/sources/saml/SAMLSourceForm.ts:240
#: src/pages/sources/saml/SAMLSourceForm.ts:261 #: src/pages/sources/saml/SAMLSourceForm.ts:261
@ -1879,7 +1879,7 @@ msgstr ""
#: src/pages/sources/SourcesListPage.ts:51 #: src/pages/sources/SourcesListPage.ts:51
#: src/pages/sources/ldap/LDAPSourceForm.ts:54 #: src/pages/sources/ldap/LDAPSourceForm.ts:54
#: src/pages/sources/ldap/LDAPSourceViewPage.ts:64 #: src/pages/sources/ldap/LDAPSourceViewPage.ts:64
#: src/pages/sources/oauth/OAuthSourceForm.ts:98 #: src/pages/sources/oauth/OAuthSourceForm.ts:100
#: src/pages/sources/oauth/OAuthSourceViewPage.ts:63 #: src/pages/sources/oauth/OAuthSourceViewPage.ts:63
#: src/pages/sources/saml/SAMLSourceForm.ts:54 #: src/pages/sources/saml/SAMLSourceForm.ts:54
#: src/pages/sources/saml/SAMLSourceViewPage.ts:66 #: src/pages/sources/saml/SAMLSourceViewPage.ts:66
@ -2330,7 +2330,7 @@ msgstr ""
msgid "Private key, acquired from https://www.google.com/recaptcha/intro/v3.html." msgid "Private key, acquired from https://www.google.com/recaptcha/intro/v3.html."
msgstr "" msgstr ""
#: src/pages/sources/oauth/OAuthSourceForm.ts:79 #: src/pages/sources/oauth/OAuthSourceForm.ts:80
msgid "Profile URL" msgid "Profile URL"
msgstr "" msgstr ""
@ -2372,7 +2372,7 @@ msgstr ""
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:81 #: src/pages/providers/oauth2/OAuth2ProviderForm.ts:81
#: src/pages/providers/proxy/ProxyProviderForm.ts:99 #: src/pages/providers/proxy/ProxyProviderForm.ts:99
#: src/pages/providers/saml/SAMLProviderForm.ts:78 #: src/pages/providers/saml/SAMLProviderForm.ts:78
#: src/pages/sources/oauth/OAuthSourceForm.ts:120 #: src/pages/sources/oauth/OAuthSourceForm.ts:122
#: src/pages/sources/saml/SAMLSourceForm.ts:76 #: src/pages/sources/saml/SAMLSourceForm.ts:76
msgid "Protocol settings" msgid "Protocol settings"
msgstr "" msgstr ""
@ -2395,7 +2395,7 @@ msgstr ""
msgid "Provider Type" msgid "Provider Type"
msgstr "" msgstr ""
#: src/pages/sources/oauth/OAuthSourceForm.ts:136 #: src/pages/sources/oauth/OAuthSourceForm.ts:138
msgid "Provider type" msgid "Provider type"
msgstr "" msgstr ""
@ -2521,7 +2521,7 @@ msgstr ""
msgid "Request has been denied." msgid "Request has been denied."
msgstr "" msgstr ""
#: src/pages/sources/oauth/OAuthSourceForm.ts:86 #: src/pages/sources/oauth/OAuthSourceForm.ts:87
msgid "Request token URL" msgid "Request token URL"
msgstr "" msgstr ""
@ -2800,7 +2800,7 @@ msgstr ""
#: src/pages/applications/ApplicationListPage.ts:58 #: src/pages/applications/ApplicationListPage.ts:58
#: src/pages/flows/FlowForm.ts:94 #: src/pages/flows/FlowForm.ts:94
#: src/pages/sources/ldap/LDAPSourceForm.ts:60 #: src/pages/sources/ldap/LDAPSourceForm.ts:60
#: src/pages/sources/oauth/OAuthSourceForm.ts:104 #: src/pages/sources/oauth/OAuthSourceForm.ts:106
#: src/pages/sources/saml/SAMLSourceForm.ts:60 #: src/pages/sources/saml/SAMLSourceForm.ts:60
msgid "Slug" msgid "Slug"
msgstr "" msgstr ""
@ -3019,7 +3019,7 @@ msgid "Successfully created service-connection."
msgstr "" msgstr ""
#: src/pages/sources/ldap/LDAPSourceForm.ts:47 #: src/pages/sources/ldap/LDAPSourceForm.ts:47
#: src/pages/sources/oauth/OAuthSourceForm.ts:50 #: src/pages/sources/oauth/OAuthSourceForm.ts:51
#: src/pages/sources/saml/SAMLSourceForm.ts:47 #: src/pages/sources/saml/SAMLSourceForm.ts:47
msgid "Successfully created source." msgid "Successfully created source."
msgstr "" msgstr ""
@ -3155,7 +3155,7 @@ msgid "Successfully updated service-connection."
msgstr "" msgstr ""
#: src/pages/sources/ldap/LDAPSourceForm.ts:44 #: src/pages/sources/ldap/LDAPSourceForm.ts:44
#: src/pages/sources/oauth/OAuthSourceForm.ts:47 #: src/pages/sources/oauth/OAuthSourceForm.ts:48
#: src/pages/sources/saml/SAMLSourceForm.ts:44 #: src/pages/sources/saml/SAMLSourceForm.ts:44
msgid "Successfully updated source." msgid "Successfully updated source."
msgstr "" msgstr ""
@ -3415,7 +3415,7 @@ msgstr ""
msgid "UID" msgid "UID"
msgstr "" msgstr ""
#: src/pages/sources/oauth/OAuthSourceForm.ts:61 #: src/pages/sources/oauth/OAuthSourceForm.ts:62
msgid "URL settings" msgid "URL settings"
msgstr "" msgstr ""
@ -3423,19 +3423,19 @@ msgstr ""
msgid "URL that the initial Login request is sent to." msgid "URL that the initial Login request is sent to."
msgstr "" msgstr ""
#: src/pages/sources/oauth/OAuthSourceForm.ts:69 #: src/pages/sources/oauth/OAuthSourceForm.ts:70
msgid "URL the user is redirect to to consent the authorization." msgid "URL the user is redirect to to consent the authorization."
msgstr "" msgstr ""
#: src/pages/sources/oauth/OAuthSourceForm.ts:83 #: src/pages/sources/oauth/OAuthSourceForm.ts:84
msgid "URL used by authentik to get user information." msgid "URL used by authentik to get user information."
msgstr "" msgstr ""
#: src/pages/sources/oauth/OAuthSourceForm.ts:76 #: src/pages/sources/oauth/OAuthSourceForm.ts:77
msgid "URL used by authentik to retrieve tokens." msgid "URL used by authentik to retrieve tokens."
msgstr "" msgstr ""
#: src/pages/sources/oauth/OAuthSourceForm.ts:89 #: src/pages/sources/oauth/OAuthSourceForm.ts:90
msgid "URL used to request the initial token. This URL is only required for OAuth 1." msgid "URL used to request the initial token. This URL is only required for OAuth 1."
msgstr "" msgstr ""

27
web/src/pages/sources/oauth/OAuthSourceForm.ts
View File

@ -31,6 +31,9 @@ export class OAuthSourceForm extends Form<OAuthSource> {
@property({type: Boolean}) @property({type: Boolean})
showUrlOptions = false; showUrlOptions = false;
@property({type: Boolean})
showRequestTokenURL = false;
getSuccessMessage(): string { getSuccessMessage(): string {
if (this.source) { if (this.source) {
return t`Successfully updated source.`; return t`Successfully updated source.`;
@ -66,29 +69,30 @@ export class OAuthSourceForm extends Form<OAuthSource> {
label=${t`Authorization URL`} label=${t`Authorization URL`}
?required=${true} ?required=${true}
name="authorizationUrl"> name="authorizationUrl">
<input type="text" value="${ifDefined(this.source?.authorizationUrl)}" class="pf-c-form-control" required> <input type="text" value="${first(this.source?.authorizationUrl, "")}" class="pf-c-form-control" required>
<p class="pf-c-form__helper-text">${t`URL the user is redirect to to consent the authorization.`}</p> <p class="pf-c-form__helper-text">${t`URL the user is redirect to to consent the authorization.`}</p>
</ak-form-element-horizontal> </ak-form-element-horizontal>
<ak-form-element-horizontal <ak-form-element-horizontal
label=${t`Access token URL`} label=${t`Access token URL`}
?required=${true} ?required=${true}
name="accessTokenUrl"> name="accessTokenUrl">
<input type="text" value="${ifDefined(this.source?.accessTokenUrl)}" class="pf-c-form-control" required> <input type="text" value="${first(this.source?.accessTokenUrl, "")}" class="pf-c-form-control" required>
<p class="pf-c-form__helper-text">${t`URL used by authentik to retrieve tokens.`}</p> <p class="pf-c-form__helper-text">${t`URL used by authentik to retrieve tokens.`}</p>
</ak-form-element-horizontal> </ak-form-element-horizontal>
<ak-form-element-horizontal <ak-form-element-horizontal
label=${t`Profile URL`} label=${t`Profile URL`}
?required=${true} ?required=${true}
name="profileUrl"> name="profileUrl">
<input type="text" value="${ifDefined(this.source?.profileUrl)}" class="pf-c-form-control" required> <input type="text" value="${first(this.source?.profileUrl, "")}" class="pf-c-form-control" required>
<p class="pf-c-form__helper-text">${t`URL used by authentik to get user information.`}</p> <p class="pf-c-form__helper-text">${t`URL used by authentik to get user information.`}</p>
</ak-form-element-horizontal> </ak-form-element-horizontal>
<ak-form-element-horizontal ${this.showRequestTokenURL ? html`<ak-form-element-horizontal
label=${t`Request token URL`} label=${t`Request token URL`}
name="requestTokenUrl"> name="requestTokenUrl">
<input type="text" value="${ifDefined(this.source?.requestTokenUrl)}" class="pf-c-form-control"> <input type="text" value="${first(this.source?.requestTokenUrl, "")}" class="pf-c-form-control">
<p class="pf-c-form__helper-text">${t`URL used to request the initial token. This URL is only required for OAuth 1.`}</p> <p class="pf-c-form__helper-text">${t`URL used to request the initial token. This URL is only required for OAuth 1.`}</p>
</ak-form-element-horizontal> </ak-form-element-horizontal>
` : html``}
</div> </div>
</ak-form-group>`; </ak-form-group>`;
} }
@ -144,6 +148,11 @@ export class OAuthSourceForm extends Form<OAuthSource> {
} else { } else {
this.showUrlOptions = false; this.showUrlOptions = false;
} }
if ("data-request-token" in selected.attributes) {
this.showRequestTokenURL = true;
} else {
this.showRequestTokenURL = false;
}
if (!this.source) { if (!this.source) {
this.source = {} as OAuthSource; this.source = {} as OAuthSource;
} }
@ -157,7 +166,13 @@ export class OAuthSourceForm extends Form<OAuthSource> {
selected = true; selected = true;
} }
} }
return html`<option ?data-urls-custom=${type.urlsCustomizable} value=${type.slug} ?selected=${selected}>${type.name}</option>`; return html`<option
?data-urls-custom=${type.urlsCustomizable}
?data-request-token=${type.requestTokenUrl}
value=${type.slug}
?selected=${selected}>
${type.name}
</option>`;
}); });
}), html`<option>${t`Loading...`}</option>`)} }), html`<option>${t`Loading...`}</option>`)}
</select> </select>