From a4b6fa17869316b122df1d49a846cd0471d61435 Mon Sep 17 00:00:00 2001 From: "Jens L." Date: Thu, 21 Nov 2024 17:21:16 +0100 Subject: [PATCH] providers/oauth2: fix redirect uri input (#12122) * fix elements disappearing Signed-off-by: Jens Langhammer * fix incorrect field input Signed-off-by: Jens Langhammer * fix wizard form and display Signed-off-by: Jens Langhammer --------- Signed-off-by: Jens Langhammer --- authentik/providers/proxy/api.py | 3 +- schema.yml | 4 +- ...lication-wizard-authentication-by-oauth.ts | 37 +++++++++++++++---- .../providers/oauth2/OAuth2ProviderForm.ts | 1 + .../oauth2/OAuth2ProviderRedirectURI.ts | 2 +- .../oauth2/OAuth2ProviderViewPage.ts | 6 ++- .../providers/proxy/ProxyProviderViewPage.ts | 10 +++-- 7 files changed, 49 insertions(+), 14 deletions(-) diff --git a/authentik/providers/proxy/api.py b/authentik/providers/proxy/api.py index bd52be08d5..2d02096bb8 100644 --- a/authentik/providers/proxy/api.py +++ b/authentik/providers/proxy/api.py @@ -13,6 +13,7 @@ from authentik.core.api.providers import ProviderSerializer from authentik.core.api.used_by import UsedByMixin from authentik.core.api.utils import ModelSerializer, PassiveSerializer from authentik.lib.utils.time import timedelta_from_string +from authentik.providers.oauth2.api.providers import RedirectURISerializer from authentik.providers.oauth2.models import ScopeMapping from authentik.providers.oauth2.views.provider import ProviderInfoView from authentik.providers.proxy.models import ProxyMode, ProxyProvider @@ -39,7 +40,7 @@ class ProxyProviderSerializer(ProviderSerializer): """ProxyProvider Serializer""" client_id = CharField(read_only=True) - redirect_uris = CharField(read_only=True) + redirect_uris = RedirectURISerializer(many=True, read_only=True, source="_redirect_uris") outpost_set = ListField(child=CharField(), read_only=True, source="outpost_set.all") def validate_basic_auth_enabled(self, value: bool) -> bool: diff --git a/schema.yml b/schema.yml index 7f41fd902f..914c5d6e84 100644 --- a/schema.yml +++ b/schema.yml @@ -51498,7 +51498,9 @@ components: description: When enabled, this provider will intercept the authorization header and authenticate requests based on its value. redirect_uris: - type: string + type: array + items: + $ref: '#/components/schemas/RedirectURI' readOnly: true cookie_domain: type: string diff --git a/web/src/admin/applications/wizard/methods/oauth/ak-application-wizard-authentication-by-oauth.ts b/web/src/admin/applications/wizard/methods/oauth/ak-application-wizard-authentication-by-oauth.ts index db1d6517f8..f689a04f90 100644 --- a/web/src/admin/applications/wizard/methods/oauth/ak-application-wizard-authentication-by-oauth.ts +++ b/web/src/admin/applications/wizard/methods/oauth/ak-application-wizard-authentication-by-oauth.ts @@ -11,6 +11,10 @@ import { redirectUriHelp, subjectModeOptions, } from "@goauthentik/admin/providers/oauth2/OAuth2ProviderForm"; +import { + IRedirectURIInput, + akOAuthRedirectURIInput, +} from "@goauthentik/admin/providers/oauth2/OAuth2ProviderRedirectURI"; import { makeSourceSelector, oauth2SourcesProvider, @@ -31,7 +35,13 @@ import { customElement, state } from "@lit/reactive-element/decorators.js"; import { html, nothing } from "lit"; import { ifDefined } from "lit/directives/if-defined.js"; -import { ClientTypeEnum, FlowsInstancesListDesignationEnum, SourcesApi } from "@goauthentik/api"; +import { + ClientTypeEnum, + FlowsInstancesListDesignationEnum, + MatchingModeEnum, + RedirectURI, + SourcesApi, +} from "@goauthentik/api"; import { type OAuth2Provider, type PaginatedOAuthSourceList } from "@goauthentik/api"; import BaseProviderPanel from "../BaseProviderPanel"; @@ -120,14 +130,27 @@ export class ApplicationWizardAuthenticationByOauth extends BaseProviderPanel { > - - + ({ + matchingMode: MatchingModeEnum.Strict, + url: "", + })} + .row=${(f?: RedirectURI) => + akOAuthRedirectURIInput({ + ".redirectURI": f, + "style": "width: 100%", + "name": "oauth2-redirect-uri", + } as unknown as IRedirectURIInput)} + > + + ${redirectUriHelp} + { akOAuthRedirectURIInput({ ".redirectURI": f, "style": "width: 100%", + "name": "oauth2-redirect-uri", } as unknown as IRedirectURIInput)} > diff --git a/web/src/admin/providers/oauth2/OAuth2ProviderRedirectURI.ts b/web/src/admin/providers/oauth2/OAuth2ProviderRedirectURI.ts index 0420b68b00..324f5e97f6 100644 --- a/web/src/admin/providers/oauth2/OAuth2ProviderRedirectURI.ts +++ b/web/src/admin/providers/oauth2/OAuth2ProviderRedirectURI.ts @@ -84,7 +84,7 @@ export class OAuth2ProviderRedirectURI extends AkControlElement { required id="url" placeholder=${msg("URL")} - name="href" + name="url" tabindex="1" /> `; diff --git a/web/src/admin/providers/oauth2/OAuth2ProviderViewPage.ts b/web/src/admin/providers/oauth2/OAuth2ProviderViewPage.ts index 6bba6b3bcc..d1245b4e94 100644 --- a/web/src/admin/providers/oauth2/OAuth2ProviderViewPage.ts +++ b/web/src/admin/providers/oauth2/OAuth2ProviderViewPage.ts @@ -234,7 +234,11 @@ export class OAuth2ProviderViewPage extends AKElement {
- ${this.provider.redirectUris} +
    + ${this.provider.redirectUris.map((ru) => { + return html`
  • ${ru.matchingMode}: ${ru.url}
    • `; + })} +
diff --git a/web/src/admin/providers/proxy/ProxyProviderViewPage.ts b/web/src/admin/providers/proxy/ProxyProviderViewPage.ts index bf68b9ba1b..c7e42a3228 100644 --- a/web/src/admin/providers/proxy/ProxyProviderViewPage.ts +++ b/web/src/admin/providers/proxy/ProxyProviderViewPage.ts @@ -392,9 +392,13 @@ export class ProxyProviderViewPage extends AKElement {
    - ${this.provider.redirectUris.split("\n").map((url) => { - return html`
  • ${url}
    • `; - })} +
      + ${this.provider.redirectUris.map((ru) => { + return html`
    • + ${ru.matchingMode}: ${ru.url} +
      • `; + })} +