blueprints: v1 (#1573)

* managed: move flowexporter to managed Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * *: implement SerializerModel in all models Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * managed: add initial api Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * managed: start blueprint Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * managed: spec Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * version blueprint Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * yep Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * remove v2, improve v1 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * start custom tag, more rebrand Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add default flows Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * move blueprints out of website Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * try new things Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add !lookup, fix web Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * update and cleanup default Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix tags in lists Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * don't save field if its set to default value Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * more flow cleanup Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * format web Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix missing serializer for sms Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * ignore _set fields Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * remove custom file extension Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * migrate default flow to tenant Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * include blueprints Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-31 17:11:44 +02:00
parent 882250a85e
commit 89c84f10d0
119 changed files with 2171 additions and 748 deletions
--- a/blueprints/example/flows-login-conditional-captcha.yaml
+++ b/blueprints/example/flows-login-conditional-captcha.yaml
@ -0,0 +1,89 @@
+version: 1
+entries:
+  - identifiers:
+      slug: default-authentication-flow
+    id: flow
+    model: authentik_flows.flow
+    attrs:
+      name: Default Authentication Flow
+      title: Welcome to authentik!
+      designation: authentication
+  - identifiers:
+      name: default-authentication-login
+    id: default-authentication-login
+    model: authentik_stages_user_login.userloginstage
+    attrs:
+      session_duration: seconds=0
+  - identifiers:
+      name: default-authentication-flow-captcha
+    id: default-authentication-flow-captcha
+    model: authentik_stages_captcha.captchastage
+    attrs:
+      public_key: 6LeIxAcTAAAAAJcZVRqyHh71UMIEGNQ_MXjiZKhI
+      private_key: 6LeIxAcTAAAAAGG-vFI1TnRWxMZNFuojJ4WifJWe
+  - identifiers:
+      name: default-authentication-identification
+    id: default-authentication-identification
+    model: authentik_stages_identification.identificationstage
+    attrs:
+      user_fields:
+        - email
+        - username
+      template: stages/identification/login.html
+      enrollment_flow: null
+      recovery_flow: null
+  - identifiers:
+      name: default-authentication-password
+    id: default-authentication-password
+    model: authentik_stages_password.passwordstage
+    attrs:
+      backends:
+        - authentik.core.auth.InbuiltBackend
+        - authentik.core.auth.TokenBackend
+        - authentik.sources.ldap.auth.LDAPBackend
+  - identifiers:
+      target: !KeyOf flow
+      stage: !KeyOf default-authentication-identification
+      order: 10
+    model: authentik_flows.flowstagebinding
+    attrs:
+      re_evaluate_policies: false
+  - identifiers:
+      target: !KeyOf flow
+      stage: !KeyOf default-authentication-password
+      order: 20
+    model: authentik_flows.flowstagebinding
+    attrs:
+      re_evaluate_policies: false
+  - identifiers:
+      target: !KeyOf flow
+      stage: !KeyOf default-authentication-flow-captcha
+      order: 30
+    id: flow-binding-captcha
+    model: authentik_flows.flowstagebinding
+    attrs:
+      evaluate_on_plan: false
+      re_evaluate_policies: true
+  - identifiers:
+      target: !KeyOf flow
+      stage: !KeyOf default-authentication-login
+      order: 100
+    model: authentik_flows.flowstagebinding
+    attrs:
+      re_evaluate_policies: false
+  - identifiers:
+      name: default-authentication-flow-conditional-captcha
+    id: default-authentication-flow-conditional-captcha
+    model: authentik_policies_reputation.reputationpolicy
+    attrs:
+      check_ip: true
+      check_username: true
+      threshold: -5
+  - identifiers:
+      policy: !KeyOf default-authentication-flow-conditional-captcha
+      target: !KeyOf flow-binding-captcha
+      order: 0
+    model: authentik_policies.policybinding
+    attrs:
+      enabled: true
+      timeout: 30