authentik/passbook/providers/app_gw/forms.py

"""passbook Application Security Gateway Forms"""
from django import forms
from oauth2_provider.generators import generate_client_id, generate_client_secret
from oidc_provider.models import Client, ResponseType

from passbook.providers.app_gw.models import ApplicationGatewayProvider


class ApplicationGatewayProviderForm(forms.ModelForm):
    """Security Gateway Provider form"""

    def save(self, *args, **kwargs):
        if not self.instance.pk:
            # New instance, so we create a new OIDC client with random keys
            self.instance.client = Client.objects.create(
                client_id=generate_client_id(), client_secret=generate_client_secret()
            )
        self.instance.client.name = self.instance.name
        self.instance.client.response_types.set(
            [ResponseType.objects.get_by_natural_key("code")]
        )
        self.instance.client.redirect_uris = [
            f"http://{self.instance.external_host}/oauth2/callback",
            f"https://{self.instance.external_host}/oauth2/callback",
            f"http://{self.instance.internal_host}/oauth2/callback",
            f"https://{self.instance.internal_host}/oauth2/callback",
        ]
        self.instance.client.scope = ["openid", "email"]
        self.instance.client.save()
        return super().save(*args, **kwargs)

    class Meta:

        model = ApplicationGatewayProvider
        fields = ["name", "authorization_flow", "internal_host", "external_host"]
        widgets = {
            "name": forms.TextInput(),
            "internal_host": forms.TextInput(),
            "external_host": forms.TextInput(),
        }
initial implementation of reverse proxy, using django-revproxy from within a middleware add new config entry "primary_domain" which is used to set the cookie domain 2019-03-20 21:42:47 +00:00			`"""passbook Application Security Gateway Forms"""`
			`from django import forms`
all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`from oauth2_provider.generators import generate_client_id, generate_client_secret`
providers/app_gw: fix Client's response_type not being set 2020-01-02 15:06:32 +00:00			`from oidc_provider.models import Client, ResponseType`
initial implementation of reverse proxy, using django-revproxy from within a middleware add new config entry "primary_domain" which is used to set the cookie domain 2019-03-20 21:42:47 +00:00
providers/appgw(major): rewrite to use oauth2_proxy 2019-11-11 17:13:46 +00:00			`from passbook.providers.app_gw.models import ApplicationGatewayProvider`
initial implementation of reverse proxy, using django-revproxy from within a middleware add new config entry "primary_domain" which is used to set the cookie domain 2019-03-20 21:42:47 +00:00

			`class ApplicationGatewayProviderForm(forms.ModelForm):`
			`"""Security Gateway Provider form"""`

providers/appgw(major): rewrite to use oauth2_proxy 2019-11-11 17:13:46 +00:00			`def save(self, args, *kwargs):`
			`if not self.instance.pk:`
			`# New instance, so we create a new OIDC client with random keys`
			`self.instance.client = Client.objects.create(`
all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`client_id=generate_client_id(), client_secret=generate_client_secret()`
			`)`
providers/appgw(major): rewrite to use oauth2_proxy 2019-11-11 17:13:46 +00:00			`self.instance.client.name = self.instance.name`
providers/app_gw: fix formatting 2020-01-02 19:22:36 +00:00			`self.instance.client.response_types.set(`
			`[ResponseType.objects.get_by_natural_key("code")]`
			`)`
providers/appgw(major): rewrite to use oauth2_proxy 2019-11-11 17:13:46 +00:00			`self.instance.client.redirect_uris = [`
providers/app_gw: separate host field into external_ and internal_ 2020-01-02 15:07:33 +00:00			`f"http://{self.instance.external_host}/oauth2/callback",`
			`f"https://{self.instance.external_host}/oauth2/callback",`
			`f"http://{self.instance.internal_host}/oauth2/callback",`
			`f"https://{self.instance.internal_host}/oauth2/callback",`
providers/appgw(major): rewrite to use oauth2_proxy 2019-11-11 17:13:46 +00:00			`]`
all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`self.instance.client.scope = ["openid", "email"]`
providers/appgw(major): rewrite to use oauth2_proxy 2019-11-11 17:13:46 +00:00			`self.instance.client.save()`
			`return super().save(args, *kwargs)`
validate upstream in form 2019-03-22 09:55:26 +00:00
initial implementation of reverse proxy, using django-revproxy from within a middleware add new config entry "primary_domain" which is used to set the cookie domain 2019-03-20 21:42:47 +00:00			`class Meta:`

			`model = ApplicationGatewayProvider`
WIP Use Flows for Sources and Providers (#32) * core: start migrating to flows for authorisation * sources/oauth: start type-hinting * core: create default user * core: only show user delete button if an unenrollment flow exists * flows: Correctly check initial policies on flow with context * policies: add more verbosity to engine * sources/oauth: migrate to flows * sources/oauth: fix typing errors * flows: add more tests * sources/oauth: start implementing unittests * sources/ldap: add option to disable user sync, move connection init to model * sources/ldap: re-add default PropertyMappings * providers/saml: re-add default PropertyMappings * admin: fix missing stage count * stages/identification: fix sources not being shown * crypto: fix being unable to save with private key * crypto: re-add default self-signed keypair * policies: rewrite cache_key to prevent wrong cache * sources/saml: migrate to flows for auth and enrollment * stages/consent: add new stage * admin: fix PropertyMapping widget not rendering properly * core: provider.authorization_flow is mandatory * flows: add support for "autosubmit" attribute on form * flows: add InMemoryStage for dynamic stages * flows: optionally allow empty flows from FlowPlanner * providers/saml: update to authorization_flow * sources/: fix flow executor URL flows: fix pylint error * flows: wrap responses in JSON object to easily handle redirects * flow: dont cache plan's context * providers/oauth: rewrite OAuth2 Provider to use flows * providers/: update docstrings of models core: fix forms not passing help_text through safe * flows: fix HttpResponses not being converted to JSON * providers/oidc: rewrite to use flows * flows: fix linting 2020-06-07 14:35:08 +00:00			`fields = ["name", "authorization_flow", "internal_host", "external_host"]`
add compiled regex to RewriteRule 2019-03-21 15:21:51 +00:00			`widgets = {`
all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`"name": forms.TextInput(),`
providers/app_gw: separate host field into external_ and internal_ 2020-01-02 15:07:33 +00:00			`"internal_host": forms.TextInput(),`
			`"external_host": forms.TextInput(),`
initial implementation of reverse proxy, using django-revproxy from within a middleware add new config entry "primary_domain" which is used to set the cookie domain 2019-03-20 21:42:47 +00:00			`}`