trustchain-oc1-orchestral/authentik
Archived
10
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

crypto: add download links as API fields

Browse source 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer 2021-06-10 13:46:12 +02:00
parent 2275ba3add
commit 3a64d97040
3 changed files with 37 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

26
authentik/crypto/api.py
View file

@ -3,6 +3,7 @@ from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives.serialization import load_pem_private_key
from cryptography.x509 import load_pem_x509_certificate
from django.http.response import HttpResponse
from django.urls import reverse
from django.utils.translation import gettext_lazy as _
from django_filters import FilterSet
from django_filters.filters import BooleanFilter
@ -35,6 +36,9 @@ class CertificateKeyPairSerializer(ModelSerializer):
cert_subject = SerializerMethodField()
private_key_available = SerializerMethodField()
certificate_download_url = SerializerMethodField()
private_key_download_url = SerializerMethodField()
def get_cert_subject(self, instance: CertificateKeyPair) -> str:
"""Get certificate subject as full rfc4514"""
return instance.certificate.subject.rfc4514_string()
@ -43,6 +47,26 @@ class CertificateKeyPairSerializer(ModelSerializer):
"""Show if this keypair has a private key configured or not"""
return instance.key_data != "" and instance.key_data is not None
def get_certificate_download_url(self, instance: CertificateKeyPair) -> str:
"""Get URL to download certificate"""
return (
reverse(
"authentik_api:certificatekeypair-view-certificate",
kwargs={"pk": instance.pk},
)
+ "?download"
)
def get_private_key_download_url(self, instance: CertificateKeyPair) -> str:
"""Get URL to download private key"""
return (
reverse(
"authentik_api:certificatekeypair-view-private-key",
kwargs={"pk": instance.pk},
)
+ "?download"
)
def validate_certificate_data(self, value: str) -> str:
"""Verify that input is a valid PEM x509 Certificate"""
try:
@ -79,6 +103,8 @@ class CertificateKeyPairSerializer(ModelSerializer):
"cert_expiry",
"cert_subject",
"private_key_available",
"certificate_download_url",
"private_key_download_url",
]
extra_kwargs = {
"key_data": {"write_only": True},

10
schema.yml
View file

@ -1,7 +1,7 @@
openapi: 3.0.3
info:
title: authentik
version: 2021.5.4
version: 2021.6.1-rc1
description: Making authentication simple.
contact:
email: hello@beryju.org
@ -18380,13 +18380,21 @@ components:
private_key_available:
type: boolean
readOnly: true
certificate_download_url:
type: string
readOnly: true
private_key_download_url:
type: string
readOnly: true
required:
- cert_expiry
- cert_subject
- certificate_download_url
- fingerprint
- name
- pk
- private_key_available
- private_key_download_url
CertificateKeyPairRequest:
type: object
description: CertificateKeyPair Serializer

4
web/src/pages/crypto/CertificateKeyPairListPage.ts
View file

@ -124,11 +124,11 @@ export class CertificateKeyPairListPage extends TablePage<CertificateKeyPair> {
<dd class="pf-c-description-list__description">
<div class="pf-c-description-list__text">
<a class="pf-c-button pf-m-secondary" target="_blank"
href="/api/v2beta/crypto/certificatekeypairs/${item.pk}/view_certificate/?download">
href=${item.certificateDownloadUrl}>
${t`Download Certificate`}
</a>
${item.privateKeyAvailable ? html`<a class="pf-c-button pf-m-secondary" target="_blank"
href="/api/v2beta/crypto/certificatekeypairs/${item.pk}/view_private_key/?download">
href=${item.privateKeyDownloadUrl}>
${t`Download Private key`}
</a>` : html``}
</div>