import "@goauthentik/admin/common/ak-flow-search/ak-source-flow-search"; import { iconHelperText, placeholderHelperText } from "@goauthentik/admin/helperText"; import { BaseSourceForm } from "@goauthentik/admin/sources/BaseSourceForm"; import { GroupMatchingModeToLabel, UserMatchingModeToLabel, } from "@goauthentik/admin/sources/oauth/utils"; import { DEFAULT_CONFIG, config } from "@goauthentik/common/api/config"; import "@goauthentik/components/ak-switch-input"; import "@goauthentik/components/ak-text-input"; import "@goauthentik/components/ak-textarea-input"; import { CapabilitiesEnum, WithCapabilitiesConfig, } from "@goauthentik/elements/Interface/capabilitiesProvider"; import "@goauthentik/elements/ak-dual-select/ak-dual-select-dynamic-selected-provider.js"; import "@goauthentik/elements/forms/FormGroup"; import "@goauthentik/elements/forms/HorizontalFormElement"; import "@goauthentik/elements/forms/SearchSelect"; import { msg } from "@lit/localize"; import { TemplateResult, html } from "lit"; import { customElement, state } from "lit/decorators.js"; import { ifDefined } from "lit/directives/if-defined.js"; import { FlowsInstancesListDesignationEnum, GroupMatchingModeEnum, KadminTypeEnum, KerberosSource, KerberosSourceRequest, SourcesApi, UserMatchingModeEnum, } from "@goauthentik/api"; import { propertyMappingsProvider, propertyMappingsSelector } from "./KerberosSourceFormHelpers.js"; @customElement("ak-source-kerberos-form") export class KerberosSourceForm extends WithCapabilitiesConfig(BaseSourceForm) { async loadInstance(pk: string): Promise { const source = await new SourcesApi(DEFAULT_CONFIG).sourcesKerberosRetrieve({ slug: pk, }); this.clearIcon = false; return source; } @state() clearIcon = false; async send(data: KerberosSource): Promise { let source: KerberosSource; if (this.instance) { source = await new SourcesApi(DEFAULT_CONFIG).sourcesKerberosPartialUpdate({ slug: this.instance.slug, patchedKerberosSourceRequest: data, }); } else { source = await new SourcesApi(DEFAULT_CONFIG).sourcesKerberosCreate({ kerberosSourceRequest: data as unknown as KerberosSourceRequest, }); } const c = await config(); if (c.capabilities.includes(CapabilitiesEnum.CanSaveMedia)) { const icon = this.getFormFiles().icon; if (icon || this.clearIcon) { await new SourcesApi(DEFAULT_CONFIG).sourcesAllSetIconCreate({ slug: source.slug, file: icon, clear: this.clearIcon, }); } } else { await new SourcesApi(DEFAULT_CONFIG).sourcesAllSetIconUrlCreate({ slug: source.slug, filePathRequest: { url: data.icon || "", }, }); } return source; } renderForm(): TemplateResult { return html` ${msg("Realm settings")}
${msg("Sync connection settings")}

${msg( "Password used to authenticate to the KDC for syncing. Optional if Sync keytab or Sync credentials cache is provided.", )}

${msg( "Keytab used to authenticate to the KDC for syncing. Optional if Sync password or Sync credentials cache is provided. Must be base64 encoded or in the form TYPE:residual.", )}

${msg("SPNEGO settings")}

${msg( "Keytab used for SPNEGO. Optional if SPNEGO credentials cache is provided. Must be base64 encoded or in the form TYPE:residual.", )}

${msg("Kerberos Attribute mapping")}

${msg("Property mappings for user creation.")}

${msg("Property mappings for group creation.")}

${msg("Flow settings")}

${msg("Flow to use when authenticating existing users.")}

${msg("Flow to use when enrolling new users.")}

${msg("Additional settings")}
${this.can(CapabilitiesEnum.CanSaveMedia) ? html` ${this.instance?.icon ? html`

${msg("Currently set to:")} ${this.instance?.icon}

` : html``} ${this.instance?.icon ? html`

${msg("Delete currently set icon.")}

` : html``}` : html`

${iconHelperText}

`} `; } } declare global { interface HTMLElementTagNameMap { "ak-source-kerberos-form": KerberosSourceForm; } }