habsi/authentik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

core: add API for all user-source connections

Browse Source 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer
2021-10-30 14:36:54 +02:00
parent 12b26e49ec
commit d70c8fbcc3
3 changed files with 318 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
authentik/api/v3/urls.py
View File

@ -19,7 +19,7 @@ from authentik.core.api.devices import DeviceViewSet
from authentik.core.api.groups import GroupViewSet
from authentik.core.api.propertymappings import PropertyMappingViewSet
from authentik.core.api.providers import ProviderViewSet
from authentik.core.api.sources import SourceViewSet
from authentik.core.api.sources import SourceViewSet, UserSourceConnectionViewSet
from authentik.core.api.tokens import TokenViewSet
from authentik.core.api.users import UserViewSet
from authentik.crypto.api import CertificateKeyPairViewSet
@ -137,6 +137,7 @@ router.register("events/transports", NotificationTransportViewSet)
router.register("events/rules", NotificationRuleViewSet)
router.register("sources/all", SourceViewSet)
router.register("sources/user_connections/all", UserSourceConnectionViewSet)
router.register("sources/user_connections/oauth", UserOAuthSourceConnectionViewSet)
router.register("sources/user_connections/plex", PlexSourceConnectionViewSet)
router.register("sources/ldap", LDAPSourceViewSet)

36
authentik/core/api/sources.py
View File

@ -1,18 +1,21 @@
"""Source API Views"""
from typing import Iterable
from django_filters.rest_framework import DjangoFilterBackend
from drf_spectacular.utils import extend_schema
from rest_framework import mixins
from rest_framework.decorators import action
from rest_framework.filters import OrderingFilter, SearchFilter
from rest_framework.request import Request
from rest_framework.response import Response
from rest_framework.serializers import ModelSerializer, SerializerMethodField
from rest_framework.viewsets import GenericViewSet
from structlog.stdlib import get_logger
from authentik.api.authorization import OwnerFilter, OwnerPermissions
from authentik.core.api.used_by import UsedByMixin
from authentik.core.api.utils import MetaNameSerializer, TypeCreateSerializer
from authentik.core.models import Source
from authentik.core.models import Source, UserSourceConnection
from authentik.core.types import UserSettingSerializer
from authentik.lib.utils.reflection import all_subclasses
from authentik.policies.engine import PolicyEngine
@ -113,3 +116,34 @@ class SourceViewSet(
LOGGER.warning(source_settings.errors)
matching_sources.append(source_settings.validated_data)
return Response(matching_sources)
class UserSourceConnectionSerializer(SourceSerializer):
"""OAuth Source Serializer"""
source = SourceSerializer(read_only=True)
class Meta:
model = UserSourceConnection
fields = [
"pk",
"user",
"source",
]
class UserSourceConnectionViewSet(
mixins.RetrieveModelMixin,
mixins.UpdateModelMixin,
mixins.DestroyModelMixin,
UsedByMixin,
mixins.ListModelMixin,
GenericViewSet,
):
"""User-source connection Viewset"""
queryset = UserSourceConnection.objects.all()
serializer_class = UserSourceConnectionSerializer
permission_classes = [OwnerPermissions]
filter_backends = [OwnerFilter, DjangoFilterBackend, OrderingFilter, SearchFilter]
ordering = ["pk"]

281
schema.yml
View File

@ -13346,6 +13346,186 @@ paths:
$ref: '#/components/schemas/ValidationError'
'403':
$ref: '#/components/schemas/GenericError'
/sources/user_connections/all/:
get:
operationId: sources_user_connections_all_list
description: User-source connection Viewset
parameters:
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedUserSourceConnectionList'
description: ''
'400':
$ref: '#/components/schemas/ValidationError'
'403':
$ref: '#/components/schemas/GenericError'
/sources/user_connections/all/{id}/:
get:
operationId: sources_user_connections_all_retrieve
description: User-source connection Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this user source connection.
required: true
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/UserSourceConnection'
description: ''
'400':
$ref: '#/components/schemas/ValidationError'
'403':
$ref: '#/components/schemas/GenericError'
put:
operationId: sources_user_connections_all_update
description: User-source connection Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this user source connection.
required: true
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/UserSourceConnectionRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/UserSourceConnection'
description: ''
'400':
$ref: '#/components/schemas/ValidationError'
'403':
$ref: '#/components/schemas/GenericError'
patch:
operationId: sources_user_connections_all_partial_update
description: User-source connection Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this user source connection.
required: true
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedUserSourceConnectionRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/UserSourceConnection'
description: ''
'400':
$ref: '#/components/schemas/ValidationError'
'403':
$ref: '#/components/schemas/GenericError'
delete:
operationId: sources_user_connections_all_destroy
description: User-source connection Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this user source connection.
required: true
tags:
- sources
security:
- authentik: []
responses:
'204':
description: No response body
'400':
$ref: '#/components/schemas/ValidationError'
'403':
$ref: '#/components/schemas/GenericError'
/sources/user_connections/all/{id}/used_by/:
get:
operationId: sources_user_connections_all_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this user source connection.
required: true
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
$ref: '#/components/schemas/ValidationError'
'403':
$ref: '#/components/schemas/GenericError'
/sources/user_connections/oauth/:
get:
operationId: sources_user_connections_oauth_list
@ -25616,6 +25796,41 @@ components:
required:
- pagination
- results
PaginatedUserSourceConnectionList:
type: object
properties:
pagination:
type: object
properties:
next:
type: number
previous:
type: number
count:
type: number
current:
type: number
total_pages:
type: number
start_index:
type: number
end_index:
type: number
required:
- next
- previous
- count
- current
- total_pages
- start_index
- end_index
results:
type: array
items:
$ref: '#/components/schemas/UserSourceConnection'
required:
- pagination
- results
PaginatedUserWriteStageList:
type: object
properties:
@ -27555,6 +27770,12 @@ components:
attributes:
type: object
additionalProperties: {}
PatchedUserSourceConnectionRequest:
type: object
description: OAuth Source Serializer
properties:
user:
type: integer
PatchedUserWriteStageRequest:
type: object
description: UserWriteStage Serializer
@ -29323,6 +29544,40 @@ components:
- slug
- verbose_name
- verbose_name_plural
SourceRequest:
type: object
description: Source Serializer
properties:
name:
type: string
description: Source's display Name.
slug:
type: string
description: Internal source name, used in URLs.
maxLength: 50
pattern: ^[-a-zA-Z0-9_]+$
enabled:
type: boolean
authentication_flow:
type: string
format: uuid
nullable: true
description: Flow to use when authenticating existing users.
enrollment_flow:
type: string
format: uuid
nullable: true
description: Flow to use when enrolling new users.
policy_engine_mode:
$ref: '#/components/schemas/PolicyEngineMode'
user_matching_mode:
allOf:
- $ref: '#/components/schemas/UserMatchingModeEnum'
description: How the source determines if an existing user should be authenticated
or a new user enrolled.
required:
- name
- slug
SourceType:
type: object
description: Serializer for SourceType
@ -30275,6 +30530,32 @@ components:
- component
- object_uid
- title
UserSourceConnection:
type: object
description: OAuth Source Serializer
properties:
pk:
type: integer
readOnly: true
title: ID
user:
type: integer
source:
allOf:
- $ref: '#/components/schemas/Source'
readOnly: true
required:
- pk
- source
- user
UserSourceConnectionRequest:
type: object
description: OAuth Source Serializer
properties:
user:
type: integer
required:
- user
UserWriteStage:
type: object
description: UserWriteStage Serializer