providers/proxy: use external_url for launch URL, hide setup URLs

This commit is contained in:
Jens Langhammer 2020-09-30 11:14:24 +02:00
parent 90ea6dba90
commit 02f5f12089
2 changed files with 38 additions and 14 deletions

View file

@ -39,28 +39,40 @@ class Migration(migrations.Migration):
operations = [ operations = [
migrations.AlterField( migrations.AlterField(
model_name='proxyprovider', model_name="proxyprovider",
name='internal_host_ssl_validation', name="internal_host_ssl_validation",
field=models.BooleanField( field=models.BooleanField(
default=True, help_text='Validate SSL Certificates of upstream servers', verbose_name='Internal host SSL Validation'), default=True,
help_text="Validate SSL Certificates of upstream servers",
verbose_name="Internal host SSL Validation",
),
), ),
migrations.AddField( migrations.AddField(
model_name='proxyprovider', model_name="proxyprovider",
name='basic_auth_enabled', name="basic_auth_enabled",
field=models.BooleanField( field=models.BooleanField(
default=False, help_text='Set a custom HTTP-Basic Authentication header based on values from passbook.', verbose_name='Set HTTP-Basic Authentication'), default=False,
help_text="Set a custom HTTP-Basic Authentication header based on values from passbook.",
verbose_name="Set HTTP-Basic Authentication",
),
), ),
migrations.AddField( migrations.AddField(
model_name='proxyprovider', model_name="proxyprovider",
name='basic_auth_password_attribute', name="basic_auth_password_attribute",
field=models.TextField( field=models.TextField(
blank=True, help_text='User Attribute used for the password part of the HTTP-Basic Header.', verbose_name='HTTP-Basic Password'), blank=True,
help_text="User Attribute used for the password part of the HTTP-Basic Header.",
verbose_name="HTTP-Basic Password",
),
), ),
migrations.AddField( migrations.AddField(
model_name='proxyprovider', model_name="proxyprovider",
name='basic_auth_user_attribute', name="basic_auth_user_attribute",
field=models.TextField( field=models.TextField(
blank=True, help_text="User Attribute used for the user part of the HTTP-Basic Header. If not set, the user's Email address is used.", verbose_name='HTTP-Basic Username'), blank=True,
help_text="User Attribute used for the user part of the HTTP-Basic Header. If not set, the user's Email address is used.",
verbose_name="HTTP-Basic Username",
),
), ),
migrations.RunPython(create_proxy_scope), migrations.RunPython(create_proxy_scope),
] ]

View file

@ -1,11 +1,12 @@
"""passbook proxy models""" """passbook proxy models"""
import string import string
from random import SystemRandom from random import SystemRandom
from typing import Iterable, Type from typing import Iterable, Optional, Type
from urllib.parse import urljoin from urllib.parse import urljoin
from django.db import models from django.db import models
from django.forms import ModelForm from django.forms import ModelForm
from django.http import HttpRequest
from django.utils.translation import gettext as _ from django.utils.translation import gettext as _
from passbook.crypto.models import CertificateKeyPair from passbook.crypto.models import CertificateKeyPair
@ -49,7 +50,9 @@ class ProxyProvider(OutpostModel, OAuth2Provider):
validators=[DomainlessURLValidator(schemes=("http", "https"))] validators=[DomainlessURLValidator(schemes=("http", "https"))]
) )
internal_host_ssl_validation = models.BooleanField( internal_host_ssl_validation = models.BooleanField(
default=True, help_text=_("Validate SSL Certificates of upstream servers") default=True,
help_text=_("Validate SSL Certificates of upstream servers"),
verbose_name=_("Internal host SSL Validation"),
) )
skip_path_regex = models.TextField( skip_path_regex = models.TextField(
@ -75,6 +78,15 @@ class ProxyProvider(OutpostModel, OAuth2Provider):
return ProxyProviderForm return ProxyProviderForm
@property
def launch_url(self) -> Optional[str]:
"""Use external_host as launch URL"""
return self.external_host
def html_setup_urls(self, request: HttpRequest) -> Optional[str]:
"""Overwrite Setup URLs as they are not needed for proxy"""
return None
def set_oauth_defaults(self): def set_oauth_defaults(self):
"""Ensure all OAuth2-related settings are correct""" """Ensure all OAuth2-related settings are correct"""
self.client_type = ClientTypes.CONFIDENTIAL self.client_type = ClientTypes.CONFIDENTIAL