diff --git a/authentik/admin/api/system.py b/authentik/admin/api/system.py index b0e7f074fd..5b2e91ce53 100644 --- a/authentik/admin/api/system.py +++ b/authentik/admin/api/system.py @@ -16,6 +16,7 @@ from rest_framework.views import APIView from authentik import get_full_version from authentik.core.api.utils import PassiveSerializer +from authentik.enterprise.license import LicenseKey from authentik.lib.config import CONFIG from authentik.lib.utils.reflection import get_env from authentik.outposts.apps import MANAGED_OUTPOST @@ -32,7 +33,7 @@ class RuntimeDict(TypedDict): platform: str uname: str openssl_version: str - openssl_fips_mode: bool + openssl_fips_mode: bool | None authentik_version: str @@ -71,7 +72,9 @@ class SystemInfoSerializer(PassiveSerializer): "architecture": platform.machine(), "authentik_version": get_full_version(), "environment": get_env(), - "openssl_fips_enabled": backend._fips_enabled, + "openssl_fips_enabled": ( + backend._fips_enabled if LicenseKey.get_total().is_valid() else None + ), "openssl_version": OPENSSL_VERSION, "platform": platform.platform(), "python_version": python_version, diff --git a/authentik/outposts/api/outposts.py b/authentik/outposts/api/outposts.py index f5bde93c77..f3e697b090 100644 --- a/authentik/outposts/api/outposts.py +++ b/authentik/outposts/api/outposts.py @@ -6,7 +6,7 @@ from django_filters.filters import ModelMultipleChoiceFilter from django_filters.filterset import FilterSet from drf_spectacular.utils import extend_schema from rest_framework.decorators import action -from rest_framework.fields import BooleanField, CharField, DateTimeField +from rest_framework.fields import BooleanField, CharField, DateTimeField, SerializerMethodField from rest_framework.relations import PrimaryKeyRelatedField from rest_framework.request import Request from rest_framework.response import Response @@ -18,6 +18,7 @@ from authentik.core.api.providers import ProviderSerializer from authentik.core.api.used_by import UsedByMixin from authentik.core.api.utils import JSONDictField, PassiveSerializer from authentik.core.models import Provider +from authentik.enterprise.license import LicenseKey from authentik.enterprise.providers.rac.models import RACProvider from authentik.outposts.api.service_connections import ServiceConnectionSerializer from authentik.outposts.apps import MANAGED_OUTPOST, MANAGED_OUTPOST_NAME @@ -120,7 +121,7 @@ class OutpostHealthSerializer(PassiveSerializer): golang_version = CharField(read_only=True) openssl_enabled = BooleanField(read_only=True) openssl_version = CharField(read_only=True) - fips_enabled = BooleanField(read_only=True) + fips_enabled = SerializerMethodField() version_should = CharField(read_only=True) version_outdated = BooleanField(read_only=True) @@ -130,6 +131,12 @@ class OutpostHealthSerializer(PassiveSerializer): hostname = CharField(read_only=True, required=False) + def get_fips_enabled(self, obj: dict) -> bool | None: + """Get FIPS enabled""" + if not LicenseKey.get_total().is_valid(): + return None + return obj["fips_enabled"] + class OutpostFilter(FilterSet): """Filter for Outposts""" diff --git a/schema.yml b/schema.yml index 822318ad11..d356a2129e 100644 --- a/schema.yml +++ b/schema.yml @@ -39547,6 +39547,8 @@ components: readOnly: true fips_enabled: type: boolean + nullable: true + description: Get FIPS enabled readOnly: true version_should: type: string @@ -47406,6 +47408,7 @@ components: type: string openssl_fips_mode: type: boolean + nullable: true authentik_version: type: string required: