authentik/passbook/providers/proxy/api.py

"""ProxyProvider API Views"""
from drf_yasg2.utils import swagger_serializer_method
from rest_framework.fields import CharField, ListField, SerializerMethodField
from rest_framework.request import Request
from rest_framework.response import Response
from rest_framework.serializers import ModelSerializer, Serializer
from rest_framework.viewsets import ModelViewSet

from passbook.providers.oauth2.views.provider import ProviderInfoView
from passbook.providers.proxy.models import ProxyProvider


class OpenIDConnectConfigurationSerializer(Serializer):
    """rest_framework Serializer for OIDC Configuration"""

    issuer = CharField()
    authorization_endpoint = CharField()
    token_endpoint = CharField()
    userinfo_endpoint = CharField()
    end_session_endpoint = CharField()
    introspection_endpoint = CharField()
    jwks_uri = CharField()

    response_types_supported = ListField(child=CharField())
    id_token_signing_alg_values_supported = ListField(child=CharField())
    subject_types_supported = ListField(child=CharField())
    token_endpoint_auth_methods_supported = ListField(child=CharField())

    def create(self, request: Request) -> Response:
        raise NotImplementedError

    def update(self, request: Request) -> Response:
        raise NotImplementedError


class ProxyProviderSerializer(ModelSerializer):
    """ProxyProvider Serializer"""

    def create(self, validated_data):
        instance: ProxyProvider = super().create(validated_data)
        instance.set_oauth_defaults()
        instance.save()
        return instance

    def update(self, instance: ProxyProvider, validated_data):
        instance.set_oauth_defaults()
        return super().update(instance, validated_data)

    class Meta:

        model = ProxyProvider
        fields = [
            "pk",
            "name",
            "internal_host",
            "external_host",
            "internal_host_ssl_validation",
            "certificate",
            "skip_path_regex",
            "basic_auth_enabled",
            "basic_auth_password_attribute",
            "basic_auth_user_attribute",
        ]


class ProxyProviderViewSet(ModelViewSet):
    """ProxyProvider Viewset"""

    queryset = ProxyProvider.objects.all()
    serializer_class = ProxyProviderSerializer


class ProxyOutpostConfigSerializer(ModelSerializer):
    """ProxyProvider Serializer"""

    oidc_configuration = SerializerMethodField()

    def create(self, validated_data):
        instance: ProxyProvider = super().create(validated_data)
        instance.set_oauth_defaults()
        instance.save()
        return instance

    def update(self, instance: ProxyProvider, validated_data):
        instance.set_oauth_defaults()
        return super().update(instance, validated_data)

    class Meta:

        model = ProxyProvider
        fields = [
            "pk",
            "name",
            "internal_host",
            "external_host",
            "internal_host_ssl_validation",
            "client_id",
            "client_secret",
            "oidc_configuration",
            "cookie_secret",
            "certificate",
            "skip_path_regex",
            "basic_auth_enabled",
            "basic_auth_password_attribute",
            "basic_auth_user_attribute",
        ]

    @swagger_serializer_method(serializer_or_field=OpenIDConnectConfigurationSerializer)
    def get_oidc_configuration(self, obj: ProxyProvider):
        """Embed OpenID Connect provider information"""
        # pylint: disable=protected-access
        return ProviderInfoView(request=self.context["request"]._request).get_info(obj)


class OutpostConfigViewSet(ModelViewSet):
    """ProxyProvider Viewset"""

    queryset = ProxyProvider.objects.filter(application__isnull=False)
    serializer_class = ProxyOutpostConfigSerializer
OAuth Provider Rewrite (#182) 2020-08-19 08:32:44 +00:00			`"""ProxyProvider API Views"""`
root: switch from drf-yasg to drf_yasg2 and up rest_framework 2020-10-16 20:54:14 +00:00			`from drf_yasg2.utils import swagger_serializer_method`
Proxy v2 (#189) 2020-09-02 22:04:12 +00:00			`from rest_framework.fields import CharField, ListField, SerializerMethodField`
			`from rest_framework.request import Request`
			`from rest_framework.response import Response`
			`from rest_framework.serializers import ModelSerializer, Serializer`
OAuth Provider Rewrite (#182) 2020-08-19 08:32:44 +00:00			`from rest_framework.viewsets import ModelViewSet`

Proxy v2 (#189) 2020-09-02 22:04:12 +00:00			`from passbook.providers.oauth2.views.provider import ProviderInfoView`
OAuth Provider Rewrite (#182) 2020-08-19 08:32:44 +00:00			`from passbook.providers.proxy.models import ProxyProvider`


Proxy v2 (#189) 2020-09-02 22:04:12 +00:00			`class OpenIDConnectConfigurationSerializer(Serializer):`
			`"""rest_framework Serializer for OIDC Configuration"""`

			`issuer = CharField()`
			`authorization_endpoint = CharField()`
			`token_endpoint = CharField()`
			`userinfo_endpoint = CharField()`
			`end_session_endpoint = CharField()`
			`introspection_endpoint = CharField()`
			`jwks_uri = CharField()`

			`response_types_supported = ListField(child=CharField())`
			`id_token_signing_alg_values_supported = ListField(child=CharField())`
			`subject_types_supported = ListField(child=CharField())`
			`token_endpoint_auth_methods_supported = ListField(child=CharField())`

			`def create(self, request: Request) -> Response:`
			`raise NotImplementedError`

			`def update(self, request: Request) -> Response:`
			`raise NotImplementedError`


OAuth Provider Rewrite (#182) 2020-08-19 08:32:44 +00:00			`class ProxyProviderSerializer(ModelSerializer):`
			`"""ProxyProvider Serializer"""`

			`def create(self, validated_data):`
			`instance: ProxyProvider = super().create(validated_data)`
			`instance.set_oauth_defaults()`
			`instance.save()`
			`return instance`

			`def update(self, instance: ProxyProvider, validated_data):`
			`instance.set_oauth_defaults()`
			`return super().update(instance, validated_data)`

			`class Meta:`

			`model = ProxyProvider`
Proxy v2 (#189) 2020-09-02 22:04:12 +00:00			`fields = [`
			`"pk",`
			`"name",`
			`"internal_host",`
			`"external_host",`
providers/proxy: make upstream SSL Validation configurable 2020-09-23 10:20:09 +00:00			`"internal_host_ssl_validation",`
Proxy v2 (#189) 2020-09-02 22:04:12 +00:00			`"certificate",`
providers/proxy: add option to skip authentication for paths matching regular expressions 2020-09-19 09:31:48 +00:00			`"skip_path_regex",`
providers/proxy: start implementing basic_auth_enabled see #244 2020-09-30 09:15:17 +00:00			`"basic_auth_enabled",`
			`"basic_auth_password_attribute",`
			`"basic_auth_user_attribute",`
Proxy v2 (#189) 2020-09-02 22:04:12 +00:00			`]`
OAuth Provider Rewrite (#182) 2020-08-19 08:32:44 +00:00

			`class ProxyProviderViewSet(ModelViewSet):`
			`"""ProxyProvider Viewset"""`

			`queryset = ProxyProvider.objects.all()`
			`serializer_class = ProxyProviderSerializer`
Proxy v2 (#189) 2020-09-02 22:04:12 +00:00

			`class ProxyOutpostConfigSerializer(ModelSerializer):`
			`"""ProxyProvider Serializer"""`

			`oidc_configuration = SerializerMethodField()`

			`def create(self, validated_data):`
			`instance: ProxyProvider = super().create(validated_data)`
			`instance.set_oauth_defaults()`
			`instance.save()`
			`return instance`

			`def update(self, instance: ProxyProvider, validated_data):`
			`instance.set_oauth_defaults()`
			`return super().update(instance, validated_data)`

			`class Meta:`

			`model = ProxyProvider`
			`fields = [`
			`"pk",`
			`"name",`
			`"internal_host",`
			`"external_host",`
providers/proxy: make upstream SSL Validation configurable 2020-09-23 10:20:09 +00:00			`"internal_host_ssl_validation",`
Proxy v2 (#189) 2020-09-02 22:04:12 +00:00			`"client_id",`
			`"client_secret",`
			`"oidc_configuration",`
			`"cookie_secret",`
			`"certificate",`
providers/proxy: add option to skip authentication for paths matching regular expressions 2020-09-19 09:31:48 +00:00			`"skip_path_regex",`
providers/proxy: start implementing basic_auth_enabled see #244 2020-09-30 09:15:17 +00:00			`"basic_auth_enabled",`
			`"basic_auth_password_attribute",`
			`"basic_auth_user_attribute",`
Proxy v2 (#189) 2020-09-02 22:04:12 +00:00			`]`

			`@swagger_serializer_method(serializer_or_field=OpenIDConnectConfigurationSerializer)`
			`def get_oidc_configuration(self, obj: ProxyProvider):`
			`"""Embed OpenID Connect provider information"""`
			`# pylint: disable=protected-access`
			`return ProviderInfoView(request=self.context["request"]._request).get_info(obj)`


			`class OutpostConfigViewSet(ModelViewSet):`
			`"""ProxyProvider Viewset"""`

			`queryset = ProxyProvider.objects.filter(application__isnull=False)`
			`serializer_class = ProxyOutpostConfigSerializer`