providers/proxy: add option to skip authentication for paths matching regular expressions

2020-09-19 11:31:48 +02:00 · 2020-09-19 11:31:48 +02:00 · 5689f25c39
parent a69c494feb
commit 5689f25c39
5 changed files with 40 additions and 0 deletions
--- a/passbook/providers/proxy/api.py
+++ b/passbook/providers/proxy/api.py
@ -55,6 +55,7 @@ class ProxyProviderSerializer(ModelSerializer):
            "internal_host",
            "external_host",
            "certificate",
+            "skip_path_regex",
        ]


@ -93,6 +94,7 @@ class ProxyOutpostConfigSerializer(ModelSerializer):
            "oidc_configuration",
            "cookie_secret",
            "certificate",
+            "skip_path_regex",
        ]

    @swagger_serializer_method(serializer_or_field=OpenIDConnectConfigurationSerializer)
--- a/passbook/providers/proxy/forms.py
+++ b/passbook/providers/proxy/forms.py
@ -35,6 +35,7 @@ class ProxyProviderForm(forms.ModelForm):
            "internal_host",
            "external_host",
            "certificate",
+            "skip_path_regex",
        ]
        widgets = {
            "name": forms.TextInput(),
--- a/passbook/providers/proxy/migrations/0006_proxyprovider_skip_path_regex.py
+++ b/passbook/providers/proxy/migrations/0006_proxyprovider_skip_path_regex.py
@ -0,0 +1,18 @@
+# Generated by Django 3.1.1 on 2020-09-19 09:14
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('passbook_providers_proxy', '0005_auto_20200914_1536'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='proxyprovider',
+            name='skip_path_regex',
+            field=models.TextField(blank=True, default='', help_text='Regular expression for which authentication is not required. Each new line is interpreted as a new Regular Expression.'),
+        ),
+    ]
--- a/passbook/providers/proxy/models.py
+++ b/passbook/providers/proxy/models.py
@ -49,6 +49,15 @@ class ProxyProvider(OutpostModel, OAuth2Provider):

    cookie_secret = models.TextField(default=get_cookie_secret)

+    skip_path_regex = models.TextField(
+        default="",
+        blank=True,
+        help_text=_((
+            "Regular expression for which authentication is not required. "
+            "Each new line is interpreted as a new Regular Expression."
+        ))
+    )
+
    certificate = models.ForeignKey(
        CertificateKeyPair, on_delete=models.SET_NULL, null=True, blank=True,
    )
--- a/swagger.yaml
+++ b/swagger.yaml
@ -6232,6 +6232,11 @@ definitions:
        type: string
        format: uuid
        x-nullable: true
+      skip_path_regex:
+        title: Skip path regex
+        description: Regular expression for which authentication is not required.
+          Each new line is interpreted as a new Regular Expression.
+        type: string
  Policy:
    type: object
    properties:
@ -6697,6 +6702,11 @@ definitions:
        type: string
        format: uuid
        x-nullable: true
+      skip_path_regex:
+        title: Skip path regex
+        description: Regular expression for which authentication is not required.
+          Each new line is interpreted as a new Regular Expression.
+        type: string
  SAMLProvider:
    required:
      - name