
* basic user sync Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add group sync and some refactor Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start API Signed-off-by: Jens Langhammer <jens@goauthentik.io> * allow null authorization flow Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add UI Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make task monitored Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add missing dependency Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make authorization_flow required for most providers via API Signed-off-by: Jens Langhammer <jens@goauthentik.io> * more UI Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make task result better readable, exclude anonymous user Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add task UI Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add scheduled task for all sync Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make scim errors more readable Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add mappings, migrate to mappings Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add mapping UI and more Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add scim docs to web Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start implementing membership Signed-off-by: Jens Langhammer <jens@goauthentik.io> * migrate signals to tasks Signed-off-by: Jens Langhammer <jens@goauthentik.io> * migrate fully to tasks Signed-off-by: Jens Langhammer <jens@goauthentik.io> * strip none keys, fix lint errors Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix things Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start adding tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix saml Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add scim schemas and validate against it Signed-off-by: Jens Langhammer <jens@goauthentik.io> * improve error handling Signed-off-by: Jens Langhammer 
<jens@goauthentik.io> * add group put support, add group tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * send correct application/scim+json headers Signed-off-by: Jens Langhammer <jens@goauthentik.io> * stop sync if no mappings are confiugred Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add test for task sync Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add membership tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * use decorator for tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make tests better Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>
"""Provider API Views"""
from django.utils.translation import gettext_lazy as _
from drf_spectacular.utils import extend_schema
from rest_framework import mixins
from rest_framework.decorators import action
from rest_framework.fields import ReadOnlyField
from rest_framework.request import Request
from rest_framework.response import Response
from rest_framework.serializers import ModelSerializer, SerializerMethodField
from rest_framework.viewsets import GenericViewSet
from authentik.core.api.used_by import UsedByMixin
from authentik.core.api.utils import MetaNameSerializer, TypeCreateSerializer
from authentik.core.models import Provider
from authentik.lib.utils.reflection import all_subclasses
class ProviderSerializer(ModelSerializer, MetaNameSerializer):
    """Provider Serializer"""

    # NOTE: docstrings in this class are left exactly as written. Schema
    # generators such as drf_spectacular (imported by this module) may publish
    # them in the API schema, so explanatory notes live in `#` comments.

    # Read-only values taken from the related application via `source`.
    assigned_application_slug = ReadOnlyField(source="application.slug")
    assigned_application_name = ReadOnlyField(source="application.name")

    # Value is produced by get_component() below.
    component = SerializerMethodField()

    def get_component(self, obj: Provider) -> str:  # pragma: no cover
        """Get object component so that we know how to edit the object"""
        # pyright: reportGeneralTypeIssues=false
        # Exact class comparison, not isinstance(): only the bare base
        # Provider yields "", every subclass reports its own `component`.
        return "" if obj.__class__ == Provider else obj.component

    class Meta:
        model = Provider
        fields = [
            "pk",
            "name",
            "authorization_flow",
            "property_mappings",
            "component",
            "assigned_application_slug",
            "assigned_application_name",
            "verbose_name",
            "verbose_name_plural",
            "meta_model_name",
        ]
        # Input validated through this serializer must carry a non-null
        # authorization_flow.
        # NOTE(review): presumably serializers for providers that run without
        # a flow override this entry - confirm each such override is
        # deliberate, since it relaxes the API-side check.
        extra_kwargs = {
            "authorization_flow": {"required": True, "allow_null": False},
        }
class ProviderViewSet(
    mixins.RetrieveModelMixin,
    mixins.DestroyModelMixin,
    UsedByMixin,
    mixins.ListModelMixin,
    GenericViewSet,
):
    """Provider Viewset"""

    # Only the retrieve, destroy and list mixins are composed in; no create or
    # update mixin is part of this generic endpoint.
    # NOTE: docstrings here are left exactly as written, because schema
    # generators such as drf_spectacular may publish them in the API schema.

    # Empty placeholder; requests are served from get_queryset() below.
    queryset = Provider.objects.none()
    serializer_class = ProviderSerializer
    filterset_fields = {
        "application": ["isnull"],
    }
    search_fields = [
        "name",
        "application__name",
    ]

    def get_queryset(self):  # pragma: no cover
        # NOTE(review): select_subclasses() presumably yields concrete
        # subclass instances rather than bare Provider rows - confirm against
        # the manager defined on Provider.
        return Provider.objects.select_subclasses()

    @extend_schema(responses={200: TypeCreateSerializer(many=True)})
    @action(detail=False, pagination_class=None, filter_backends=[])
    def types(self, request: Request) -> Response:
        """Get all creatable provider types"""
        # Pagination and filter backends are switched off for this action
        # only. permission_classes is not overridden in the decorator, so
        # whatever permission classes the viewset inherits still apply.
        # The payload is static type metadata, not Provider rows.
        creatable = [
            {
                "name": model_cls._meta.verbose_name,
                # The model class docstring is returned verbatim to API
                # clients, so it should hold nothing internal.
                "description": model_cls.__doc__,
                # An unsaved instance is built only to read `component`.
                "component": model_cls().component,
                "model_name": model_cls._meta.model_name,
            }
            for model_cls in all_subclasses(self.queryset.model)
        ]
        # Extra entry with no backing model: the SAML metadata import form.
        saml_import = {
            "name": _("SAML Provider from Metadata"),
            "description": _("Create a SAML Provider by importing its Metadata."),
            "component": "ak-provider-saml-import-form",
            "model_name": "",
        }
        creatable.append(saml_import)
        return Response(TypeCreateSerializer(creatable, many=True).data)