outposts/ldap: use authorization_flow instead of separate field
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer
@ -14,7 +14,6 @@ class LDAPProviderSerializer(ProviderSerializer):
|
||||
|
||||
model = LDAPProvider
|
||||
fields = ProviderSerializer.Meta.fields + [
|
||||
"bind_flow",
|
||||
"base_dn",
|
||||
]
|
||||
|
||||
@ -31,7 +30,7 @@ class LDAPOutpostConfigSerializer(ModelSerializer):
|
||||
"""LDAPProvider Serializer"""
|
||||
|
||||
application_slug = CharField(source="application.slug")
|
||||
bind_flow_slug = CharField(source="bind_flow.slug")
|
||||
bind_flow_slug = CharField(source="authorization_flow.slug")
|
||||
|
||||
class Meta:
|
||||
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
# Generated by Django 3.2 on 2021-04-26 09:51
|
||||
# Generated by Django 3.2 on 2021-04-26 12:45
|
||||
|
||||
import django.db.models.deletion
|
||||
from django.db import migrations, models
|
||||
@ -10,7 +10,6 @@ class Migration(migrations.Migration):
|
||||
|
||||
dependencies = [
|
||||
("authentik_core", "0019_source_managed"),
|
||||
("authentik_flows", "0018_oob_flows"),
|
||||
]
|
||||
|
||||
operations = [
|
||||
@ -35,21 +34,11 @@ class Migration(migrations.Migration):
|
||||
help_text="DN under which objects are accessible.",
|
||||
),
|
||||
),
|
||||
(
|
||||
"bind_flow",
|
||||
models.ForeignKey(
|
||||
default=None,
|
||||
help_text="Flow which is used to bind users. When left empty, no users will be able to bind.",
|
||||
null=True,
|
||||
on_delete=django.db.models.deletion.SET_DEFAULT,
|
||||
to="authentik_flows.flow",
|
||||
),
|
||||
),
|
||||
],
|
||||
options={
|
||||
"verbose_name": "LDAP Provider",
|
||||
"verbose_name_plural": "LDAP Providers",
|
||||
},
|
||||
bases=("authentik_core.provider",),
|
||||
bases=("authentik_core.provider", models.Model),
|
||||
),
|
||||
]
|
||||
|
||||
@ -18,16 +18,6 @@ class LDAPProvider(OutpostModel, Provider):
|
||||
help_text=_("DN under which objects are accessible."),
|
||||
)
|
||||
|
||||
bind_flow = models.ForeignKey(
|
||||
Flow,
|
||||
null=True,
|
||||
default=None,
|
||||
on_delete=models.SET_DEFAULT,
|
||||
help_text=_(
|
||||
"Flow which is used to bind users. When left empty, no users will be able to bind."
|
||||
),
|
||||
)
|
||||
|
||||
@property
|
||||
def launch_url(self) -> Optional[str]:
|
||||
"""LDAP never has a launch URL"""
|
||||
|
||||
@ -37,7 +37,7 @@ func (ls *LDAPServer) Refresh() error {
|
||||
}
|
||||
|
||||
func (ls *LDAPServer) Start() error {
|
||||
listen := "127.0.0.1:3390"
|
||||
listen := "0.0.0.0:3389"
|
||||
log.Debugf("Listening on %s", listen)
|
||||
err := ls.s.ListenAndServe(listen)
|
||||
if err != nil {
|
||||
|
||||
@ -6,7 +6,6 @@ COPY . .
|
||||
|
||||
RUN go build -o /work/proxy ./cmd/proxy
|
||||
|
||||
# Copy binary to alpine
|
||||
FROM gcr.io/distroless/base-debian10:debug
|
||||
|
||||
COPY --from=builder /work/proxy /
|
||||
|
||||
@ -17101,13 +17101,6 @@ definitions:
|
||||
title: Verbose name plural
|
||||
type: string
|
||||
readOnly: true
|
||||
bind_flow:
|
||||
title: Bind flow
|
||||
description: Flow which is used to bind users. When left empty, no users will
|
||||
be able to bind.
|
||||
type: string
|
||||
format: uuid
|
||||
x-nullable: true
|
||||
base_dn:
|
||||
title: Base dn
|
||||
description: DN under which objects are accessible.
|
||||
|
||||
@ -89,6 +89,16 @@ export class OutpostForm extends Form<Outpost> {
|
||||
return html`<option value=${ifDefined(provider.pk)} ?selected=${selected}>${provider.verboseName} ${provider.name}</option>`;
|
||||
});
|
||||
}), html`<option>${t`Loading...`}</option>`)}
|
||||
${until(new ProvidersApi(DEFAULT_CONFIG).providersLdapList({
|
||||
ordering: "pk"
|
||||
}).then(providers => {
|
||||
return providers.results.map(provider => {
|
||||
const selected = Array.from(this.outpost?.providers || []).some(sp => {
|
||||
return sp == provider.pk;
|
||||
});
|
||||
return html`<option value=${ifDefined(provider.pk)} ?selected=${selected}>${provider.verboseName} ${provider.name}</option>`;
|
||||
});
|
||||
}), html`<option>${t`Loading...`}</option>`)}
|
||||
</select>
|
||||
<p class="pf-c-form__helper-text">${t`Hold control/command to select multiple items.`}</p>
|
||||
</ak-form-element-horizontal>
|
||||
|
||||
@ -56,14 +56,14 @@ export class LDAPProviderFormPage extends Form<LDAPProvider> {
|
||||
<ak-form-element-horizontal
|
||||
label=${t`Bind flow`}
|
||||
?required=${true}
|
||||
name="bindFlow">
|
||||
name="authorizationFlow">
|
||||
<select class="pf-c-form-control">
|
||||
${until(new FlowsApi(DEFAULT_CONFIG).flowsInstancesList({
|
||||
ordering: "pk",
|
||||
designation: FlowDesignationEnum.Authentication,
|
||||
}).then(flows => {
|
||||
return flows.results.map(flow => {
|
||||
return html`<option value=${ifDefined(flow.pk)} ?selected=${this.provider?.bindFlow === flow.pk}>${flow.name} (${flow.slug})</option>`;
|
||||
return html`<option value=${ifDefined(flow.pk)} ?selected=${this.provider?.authorizationFlow === flow.pk}>${flow.name} (${flow.slug})</option>`;
|
||||
});
|
||||
}), html`<option>${t`Loading...`}</option>`)}
|
||||
</select>
|
||||
|
||||
Reference in New Issue
Block a user