enterprise/providers/microsoft_entra: initial account sync to microsoft entra (#9632)

* initial Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add entra mappings Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix some stuff Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make API endpoints more consistent Signed-off-by: Jens Langhammer <jens@goauthentik.io> * implement more things Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add user tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix most group tests + fix bugs Signed-off-by: Jens Langhammer <jens@goauthentik.io> * more group tests, fix bugs Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix missing __init__ Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add ui for provisioned users Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix a bunch of bugs Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add `creating` to property mapping env Signed-off-by: Jens Langhammer <jens@goauthentik.io> * always sync group members Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix stuff Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix group membership Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix some types Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add group member add test Signed-off-by: Jens Langhammer <jens@goauthentik.io> * create sync status component to dedupe Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix discovery tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * get rid of more code and fix more issues Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add error handling for auth and transient Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make sure autoretry is on Signed-off-by: Jens Langhammer <jens@goauthentik.io> * format web Signed-off-by: Jens Langhammer <jens@goauthentik.io> * wait for task in signal Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add squashed google migration Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2024-05-09 15:41:23 +02:00
parent ff4ec6f9b4
commit 99ad492951
85 changed files with 6312 additions and 443 deletions
--- a/web/src/admin/property-mappings/PropertyMappingGoogleWorkspaceForm.ts
+++ b/web/src/admin/property-mappings/PropertyMappingGoogleWorkspaceForm.ts
@ -10,11 +10,11 @@ import { TemplateResult, html } from "lit";
 import { customElement } from "lit/decorators.js";
 import { ifDefined } from "lit/directives/if-defined.js";

-import { GoogleProviderMapping, PropertymappingsApi } from "@goauthentik/api";
+import { GoogleWorkspaceProviderMapping, PropertymappingsApi } from "@goauthentik/api";

@customElement("ak-property-mapping-google-workspace-form")
-export class PropertyMappingGoogleWorkspaceForm extends BasePropertyMappingForm<GoogleProviderMapping> {
-    loadInstance(pk: string): Promise<GoogleProviderMapping> {
+export class PropertyMappingGoogleWorkspaceForm extends BasePropertyMappingForm<GoogleWorkspaceProviderMapping> {
+    loadInstance(pk: string): Promise<GoogleWorkspaceProviderMapping> {
        return new PropertymappingsApi(
            DEFAULT_CONFIG,
        ).propertymappingsProviderGoogleWorkspaceRetrieve({
@ -22,19 +22,19 @@ export class PropertyMappingGoogleWorkspaceForm extends BasePropertyMappingForm<
        });
    }

-    async send(data: GoogleProviderMapping): Promise<GoogleProviderMapping> {
+    async send(data: GoogleWorkspaceProviderMapping): Promise<GoogleWorkspaceProviderMapping> {
        if (this.instance) {
            return new PropertymappingsApi(
                DEFAULT_CONFIG,
            ).propertymappingsProviderGoogleWorkspaceUpdate({
-                pmUuid: this.instance.pk || "",
-                googleProviderMappingRequest: data,
+                pmUuid: this.instance.pk,
+                googleWorkspaceProviderMappingRequest: data,
            });
        } else {
            return new PropertymappingsApi(
                DEFAULT_CONFIG,
            ).propertymappingsProviderGoogleWorkspaceCreate({
-                googleProviderMappingRequest: data,
+                googleWorkspaceProviderMappingRequest: data,
            });
        }
    }
--- a/web/src/admin/property-mappings/PropertyMappingLDAPForm.ts
+++ b/web/src/admin/property-mappings/PropertyMappingLDAPForm.ts
@ -23,7 +23,7 @@ export class PropertyMappingLDAPForm extends BasePropertyMappingForm<LDAPPropert
    async send(data: LDAPPropertyMapping): Promise<LDAPPropertyMapping> {
        if (this.instance) {
            return new PropertymappingsApi(DEFAULT_CONFIG).propertymappingsLdapUpdate({
-                pmUuid: this.instance.pk || "",
+                pmUuid: this.instance.pk,
                lDAPPropertyMappingRequest: data,
            });
        } else {
--- a/web/src/admin/property-mappings/PropertyMappingListPage.ts
+++ b/web/src/admin/property-mappings/PropertyMappingListPage.ts
@ -1,5 +1,6 @@
 import "@goauthentik/admin/property-mappings/PropertyMappingGoogleWorkspaceForm";
 import "@goauthentik/admin/property-mappings/PropertyMappingLDAPForm";
+import "@goauthentik/admin/property-mappings/PropertyMappingMicrosoftEntraForm";
 import "@goauthentik/admin/property-mappings/PropertyMappingNotification";
 import "@goauthentik/admin/property-mappings/PropertyMappingRACForm";
 import "@goauthentik/admin/property-mappings/PropertyMappingSAMLForm";
--- a/web/src/admin/property-mappings/PropertyMappingMicrosoftEntraForm.ts
+++ b/web/src/admin/property-mappings/PropertyMappingMicrosoftEntraForm.ts
@ -0,0 +1,72 @@
+import { BasePropertyMappingForm } from "@goauthentik/admin/property-mappings/BasePropertyMappingForm";
+import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
+import { docLink } from "@goauthentik/common/global";
+import "@goauthentik/elements/CodeMirror";
+import { CodeMirrorMode } from "@goauthentik/elements/CodeMirror";
+import "@goauthentik/elements/forms/HorizontalFormElement";
+
+import { msg } from "@lit/localize";
+import { TemplateResult, html } from "lit";
+import { customElement } from "lit/decorators.js";
+import { ifDefined } from "lit/directives/if-defined.js";
+
+import { MicrosoftEntraProviderMapping, PropertymappingsApi } from "@goauthentik/api";
+
+@customElement("ak-property-mapping-microsoft-entra-form")
+export class PropertyMappingMicrosoftEntraForm extends BasePropertyMappingForm<MicrosoftEntraProviderMapping> {
+    loadInstance(pk: string): Promise<MicrosoftEntraProviderMapping> {
+        return new PropertymappingsApi(
+            DEFAULT_CONFIG,
+        ).propertymappingsProviderGoogleWorkspaceRetrieve({
+            pmUuid: pk,
+        });
+    }
+
+    async send(data: MicrosoftEntraProviderMapping): Promise<MicrosoftEntraProviderMapping> {
+        if (this.instance) {
+            return new PropertymappingsApi(
+                DEFAULT_CONFIG,
+            ).propertymappingsProviderMicrosoftEntraUpdate({
+                pmUuid: this.instance.pk,
+                microsoftEntraProviderMappingRequest: data,
+            });
+        } else {
+            return new PropertymappingsApi(
+                DEFAULT_CONFIG,
+            ).propertymappingsProviderMicrosoftEntraCreate({
+                microsoftEntraProviderMappingRequest: data,
+            });
+        }
+    }
+
+    renderForm(): TemplateResult {
+        return html` <ak-form-element-horizontal label=${msg("Name")} ?required=${true} name="name">
+                <input
+                    type="text"
+                    value="${ifDefined(this.instance?.name)}"
+                    class="pf-c-form-control"
+                    required
+                />
+            </ak-form-element-horizontal>
+            <ak-form-element-horizontal
+                label=${msg("Expression")}
+                ?required=${true}
+                name="expression"
+            >
+                <ak-codemirror
+                    mode=${CodeMirrorMode.Python}
+                    value="${ifDefined(this.instance?.expression)}"
+                >
+                </ak-codemirror>
+                <p class="pf-c-form__helper-text">
+                    ${msg("Expression using Python.")}
+                    <a
+                        target="_blank"
+                        href="${docLink("/docs/property-mappings/expression?utm_source=authentik")}"
+                    >
+                        ${msg("See documentation for a list of all variables.")}
+                    </a>
+                </p>
+            </ak-form-element-horizontal>`;
+    }
+}
--- a/web/src/admin/property-mappings/PropertyMappingNotification.ts
+++ b/web/src/admin/property-mappings/PropertyMappingNotification.ts
@ -29,7 +29,7 @@ export class PropertyMappingNotification extends ModelForm<NotificationWebhookMa
    async send(data: NotificationWebhookMapping): Promise<NotificationWebhookMapping> {
        if (this.instance) {
            return new PropertymappingsApi(DEFAULT_CONFIG).propertymappingsNotificationUpdate({
-                pmUuid: this.instance.pk || "",
+                pmUuid: this.instance.pk,
                notificationWebhookMappingRequest: data,
            });
        } else {
--- a/web/src/admin/property-mappings/PropertyMappingRACForm.ts
+++ b/web/src/admin/property-mappings/PropertyMappingRACForm.ts
@ -51,7 +51,7 @@ export class PropertyMappingLDAPForm extends ModelForm<RACPropertyMapping, strin
    async send(data: RACPropertyMapping): Promise<RACPropertyMapping> {
        if (this.instance) {
            return new PropertymappingsApi(DEFAULT_CONFIG).propertymappingsRacUpdate({
-                pmUuid: this.instance.pk || "",
+                pmUuid: this.instance.pk,
                rACPropertyMappingRequest: data,
            });
        } else {
--- a/web/src/admin/property-mappings/PropertyMappingSAMLForm.ts
+++ b/web/src/admin/property-mappings/PropertyMappingSAMLForm.ts
@ -23,7 +23,7 @@ export class PropertyMappingSAMLForm extends BasePropertyMappingForm<SAMLPropert
    async send(data: SAMLPropertyMapping): Promise<SAMLPropertyMapping> {
        if (this.instance) {
            return new PropertymappingsApi(DEFAULT_CONFIG).propertymappingsSamlUpdate({
-                pmUuid: this.instance.pk || "",
+                pmUuid: this.instance.pk,
                sAMLPropertyMappingRequest: data,
            });
        } else {
--- a/web/src/admin/property-mappings/PropertyMappingSCIMForm.ts
+++ b/web/src/admin/property-mappings/PropertyMappingSCIMForm.ts
@ -23,7 +23,7 @@ export class PropertyMappingSCIMForm extends BasePropertyMappingForm<SCIMMapping
    async send(data: SCIMMapping): Promise<SCIMMapping> {
        if (this.instance) {
            return new PropertymappingsApi(DEFAULT_CONFIG).propertymappingsScimUpdate({
-                pmUuid: this.instance.pk || "",
+                pmUuid: this.instance.pk,
                sCIMMappingRequest: data,
            });
        } else {
--- a/web/src/admin/property-mappings/PropertyMappingScopeForm.ts
+++ b/web/src/admin/property-mappings/PropertyMappingScopeForm.ts
@ -23,7 +23,7 @@ export class PropertyMappingScopeForm extends BasePropertyMappingForm<ScopeMappi
    async send(data: ScopeMapping): Promise<ScopeMapping> {
        if (this.instance) {
            return new PropertymappingsApi(DEFAULT_CONFIG).propertymappingsScopeUpdate({
-                pmUuid: this.instance.pk || "",
+                pmUuid: this.instance.pk,
                scopeMappingRequest: data,
            });
        } else {