habsi/authentik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge branch 'main' into dev

Browse Source 
* main:
  web: bump API Client version (#11909)
  enterprise/rac: fix API Schema for invalidation_flow (#11907)
This commit is contained in:
Ken Sternberg
2024-11-04 13:20:15 -08:00
parent e0d5df89ca 0f8d497413
commit 75790909a8
7 changed files with 75 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
authentik/enterprise/providers/rac/api/providers.py
View File

@ -16,13 +16,28 @@ class RACProviderSerializer(EnterpriseRequiredMixin, ProviderSerializer):
class Meta: class Meta:
model = RACProvider model = RACProvider
fields = ProviderSerializer.Meta.fields + [ fields = [
"pk",
"name",
"authentication_flow",
"authorization_flow",
"property_mappings",
"component",
"assigned_application_slug",
"assigned_application_name",
"assigned_backchannel_application_slug",
"assigned_backchannel_application_name",
"verbose_name",
"verbose_name_plural",
"meta_model_name",
"settings", "settings",
"outpost_set", "outpost_set",
"connection_expiry", "connection_expiry",
"delete_token_on_disconnect", "delete_token_on_disconnect",
] ]
extra_kwargs = ProviderSerializer.Meta.extra_kwargs extra_kwargs = {
"authorization_flow": {"required": True, "allow_null": False},
}
class RACProviderViewSet(UsedByMixin, ModelViewSet): class RACProviderViewSet(UsedByMixin, ModelViewSet):

46
authentik/enterprise/providers/rac/tests/test_api.py Normal file
View File

@ -0,0 +1,46 @@
"""Test RAC Provider"""
from datetime import timedelta
from time import mktime
from unittest.mock import MagicMock, patch
from django.urls import reverse
from django.utils.timezone import now
from rest_framework.test import APITestCase
from authentik.core.tests.utils import create_test_admin_user, create_test_flow
from authentik.enterprise.license import LicenseKey
from authentik.enterprise.models import License
from authentik.lib.generators import generate_id
class TestAPI(APITestCase):
"""Test Provider API"""
def setUp(self) -> None:
self.user = create_test_admin_user()
@patch(
"authentik.enterprise.license.LicenseKey.validate",
MagicMock(
return_value=LicenseKey(
aud="",
exp=int(mktime((now() + timedelta(days=3000)).timetuple())),
name=generate_id(),
internal_users=100,
external_users=100,
)
),
)
def test_create(self):
"""Test creation of RAC Provider"""
License.objects.create(key=generate_id())
self.client.force_login(self.user)
response = self.client.post(
reverse("authentik_api:racprovider-list"),
data={
"name": generate_id(),
"authorization_flow": create_test_flow().pk,
},
)
self.assertEqual(response.status_code, 201)

3
authentik/enterprise/providers/rac/tests/test_endpoints_api.py
View File

@ -68,7 +68,6 @@ class TestEndpointsAPI(APITestCase):
"name": self.provider.name, "name": self.provider.name,
"authentication_flow": None, "authentication_flow": None,
"authorization_flow": None, "authorization_flow": None,
"invalidation_flow": None,
"property_mappings": [], "property_mappings": [],
"connection_expiry": "hours=8", "connection_expiry": "hours=8",
"delete_token_on_disconnect": False, "delete_token_on_disconnect": False,
@ -121,7 +120,6 @@ class TestEndpointsAPI(APITestCase):
"name": self.provider.name, "name": self.provider.name,
"authentication_flow": None, "authentication_flow": None,
"authorization_flow": None, "authorization_flow": None,
"invalidation_flow": None,
"property_mappings": [], "property_mappings": [],
"component": "ak-provider-rac-form", "component": "ak-provider-rac-form",
"assigned_application_slug": self.app.slug, "assigned_application_slug": self.app.slug,
@ -151,7 +149,6 @@ class TestEndpointsAPI(APITestCase):
"name": self.provider.name, "name": self.provider.name,
"authentication_flow": None, "authentication_flow": None,
"authorization_flow": None, "authorization_flow": None,
"invalidation_flow": None,
"property_mappings": [], "property_mappings": [],
"component": "ak-provider-rac-form", "component": "ak-provider-rac-form",
"assigned_application_slug": self.app.slug, "assigned_application_slug": self.app.slug,

8
blueprints/schema.json
View File

@ -6974,7 +6974,7 @@
"spnego_server_name": { "spnego_server_name": {
"type": "string", "type": "string",
"title": "Spnego server name", "title": "Spnego server name",
"description": "Force the use of a specific server name for SPNEGO" "description": "Force the use of a specific server name for SPNEGO. Must be in the form HTTP@hostname"
}, },
"spnego_keytab": { "spnego_keytab": {
"type": "string", "type": "string",
@ -13383,12 +13383,6 @@
"title": "Authorization flow", "title": "Authorization flow",
"description": "Flow used when authorizing this provider." "description": "Flow used when authorizing this provider."
}, },
"invalidation_flow": {
"type": "string",
"format": "uuid",
"title": "Invalidation flow",
"description": "Flow used ending the session from a provider."
},
"property_mappings": { "property_mappings": {
"type": "array", "type": "array",
"items": { "items": {

23
schema.yml
View File

@ -42975,7 +42975,8 @@ components:
readOnly: true readOnly: true
spnego_server_name: spnego_server_name:
type: string type: string
description: Force the use of a specific server name for SPNEGO description: Force the use of a specific server name for SPNEGO. Must be
in the form HTTP@hostname
spnego_ccache: spnego_ccache:
type: string type: string
description: Credential cache to use for SPNEGO in form type:residual description: Credential cache to use for SPNEGO in form type:residual
@ -43144,7 +43145,8 @@ components:
be in the form TYPE:residual be in the form TYPE:residual
spnego_server_name: spnego_server_name:
type: string type: string
description: Force the use of a specific server name for SPNEGO description: Force the use of a specific server name for SPNEGO. Must be
in the form HTTP@hostname
spnego_keytab: spnego_keytab:
type: string type: string
writeOnly: true writeOnly: true
@ -48448,7 +48450,8 @@ components:
be in the form TYPE:residual be in the form TYPE:residual
spnego_server_name: spnego_server_name:
type: string type: string
description: Force the use of a specific server name for SPNEGO description: Force the use of a specific server name for SPNEGO. Must be
in the form HTTP@hostname
spnego_keytab: spnego_keytab:
type: string type: string
writeOnly: true writeOnly: true
@ -49461,10 +49464,6 @@ components:
type: string type: string
format: uuid format: uuid
description: Flow used when authorizing this provider. description: Flow used when authorizing this provider.
invalidation_flow:
type: string
format: uuid
description: Flow used ending the session from a provider.
property_mappings: property_mappings:
type: array type: array
items: items:
@ -51696,10 +51695,6 @@ components:
type: string type: string
format: uuid format: uuid
description: Flow used when authorizing this provider. description: Flow used when authorizing this provider.
invalidation_flow:
type: string
format: uuid
description: Flow used ending the session from a provider.
property_mappings: property_mappings:
type: array type: array
items: items:
@ -51757,7 +51752,6 @@ components:
- assigned_backchannel_application_slug - assigned_backchannel_application_slug
- authorization_flow - authorization_flow
- component - component
- invalidation_flow
- meta_model_name - meta_model_name
- name - name
- outpost_set - outpost_set
@ -51781,10 +51775,6 @@ components:
type: string type: string
format: uuid format: uuid
description: Flow used when authorizing this provider. description: Flow used when authorizing this provider.
invalidation_flow:
type: string
format: uuid
description: Flow used ending the session from a provider.
property_mappings: property_mappings:
type: array type: array
items: items:
@ -51801,7 +51791,6 @@ components:
description: When set to true, connection tokens will be deleted upon disconnect. description: When set to true, connection tokens will be deleted upon disconnect.
required: required:
- authorization_flow - authorization_flow
- invalidation_flow
- name - name
RadiusCheckAccess: RadiusCheckAccess:
type: object type: object

8
web/package-lock.json generated
View File

@ -23,7 +23,7 @@
"@floating-ui/dom": "^1.6.11", "@floating-ui/dom": "^1.6.11",
"@formatjs/intl-listformat": "^7.5.7", "@formatjs/intl-listformat": "^7.5.7",
"@fortawesome/fontawesome-free": "^6.6.0", "@fortawesome/fontawesome-free": "^6.6.0",
"@goauthentik/api": "^2024.10.0-1730331602", "@goauthentik/api": "^2024.10.0-1730745228",
"@lit-labs/ssr": "^3.2.2", "@lit-labs/ssr": "^3.2.2",
"@lit/context": "^1.1.2", "@lit/context": "^1.1.2",
"@lit/localize": "^0.12.2", "@lit/localize": "^0.12.2",
@ -1775,9 +1775,9 @@
} }
}, },
"node_modules/@goauthentik/api": { "node_modules/@goauthentik/api": {
"version": "2024.10.0-1730331602", "version": "2024.10.0-1730745228",
"resolved": "https://registry.npmjs.org/@goauthentik/api/-/api-2024.10.0-1730331602.tgz", "resolved": "https://registry.npmjs.org/@goauthentik/api/-/api-2024.10.0-1730745228.tgz",
"integrity": "sha512-VaXywdDCFkIs9RgmHVYt8jGf5xnc+czsu5ILEThNQOuXvBjkGa0J8aPWVSdfP++GiHnkjddWVFzJ6R6LOoHbWQ==" "integrity": "sha512-YIPhEj7+ZbAJNwCGEJKcY0xeL2qLLG2f0xAHQ+c6gtWpo3p0d14RcPPG8lu5TP21VyqSUcXuUY2CwQ0vW0HWMA=="
}, },
"node_modules/@goauthentik/web": { "node_modules/@goauthentik/web": {
"resolved": "", "resolved": "",

2
web/package.json
View File

@ -11,7 +11,7 @@
"@floating-ui/dom": "^1.6.11", "@floating-ui/dom": "^1.6.11",
"@formatjs/intl-listformat": "^7.5.7", "@formatjs/intl-listformat": "^7.5.7",
"@fortawesome/fontawesome-free": "^6.6.0", "@fortawesome/fontawesome-free": "^6.6.0",
"@goauthentik/api": "^2024.10.0-1730331602", "@goauthentik/api": "^2024.10.0-1730745228",
"@lit-labs/ssr": "^3.2.2", "@lit-labs/ssr": "^3.2.2",
"@lit/context": "^1.1.2", "@lit/context": "^1.1.2",
"@lit/localize": "^0.12.2", "@lit/localize": "^0.12.2",