stages/identification: add UPN

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer 2021-06-10 22:48:39 +02:00
parent e35e096266
commit 676b77aa7c
7 changed files with 53 additions and 7 deletions

View File

@ -17,6 +17,7 @@ class UserFields(models.TextChoices):
E_MAIL = "email"
USERNAME = "username"
UPN = "upn"
class IdentificationStage(Stage):

View File

@ -96,7 +96,11 @@ class IdentificationStageView(ChallengeStageView):
current_stage: IdentificationStage = self.executor.current_stage
query = Q()
for search_field in current_stage.user_fields:
model_field = search_field
model_field = {
"email": "email",
"username": "username",
"upn": "attributes__upn",
}[search_field]
if current_stage.case_insensitive_matching:
model_field += "__iexact"
else:

View File

@ -27687,6 +27687,7 @@ components:
enum:
- email
- username
- upn
type: string
UserLoginStage:
type: object

View File

@ -11,7 +11,7 @@ import PFAlert from "@patternfly/patternfly/components/Alert/alert.css";
import AKGlobal from "../../../authentik.css";
import "../../../elements/forms/FormElement";
import "../../../elements/EmptyState";
import { FlowChallengeRequest, IdentificationChallenge, IdentificationChallengeResponseRequest, UILoginButton } from "authentik-api";
import { FlowChallengeRequest, IdentificationChallenge, IdentificationChallengeResponseRequest, UILoginButton, UserFieldsEnum } from "authentik-api";
export const PasswordManagerPrefill: {
password: string | undefined;
@ -149,13 +149,18 @@ export class IdentificationStage extends BaseStage<IdentificationChallenge, Iden
${t`Select one of the sources below to login.`}
</p>`;
}
if (this.challenge?.userFields === ["email"]) {
const fields = this.challenge?.userFields.sort() || [];
if (fields === [UserFieldsEnum.Email]) {
label = t`Email`;
type = "email";
} else if (this.challenge?.userFields === ["username"]) {
} else if (fields === [UserFieldsEnum.Username]) {
label = t`Username`;
} else {
} else if (fields === [UserFieldsEnum.Upn]) {
label = t`UPN`;
} else if (fields === [UserFieldsEnum.Email, UserFieldsEnum.Username]) {
label = t`Email or username`;
} else {
label = t`Email, UPN or username`;
}
return html`<ak-form-element
label=${label}

View File

@ -674,11 +674,14 @@ msgstr "Configuration"
#: src/pages/stages/authenticator_duo/AuthenticatorDuoStageForm.ts
#: src/pages/stages/authenticator_static/AuthenticatorStaticStageForm.ts
#: src/pages/stages/authenticator_totp/AuthenticatorTOTPStageForm.ts
#: src/pages/stages/authenticator_validate/AuthenticatorValidateStageForm.ts
#: src/pages/stages/password/PasswordStageForm.ts
msgid "Configuration flow"
msgstr "Configuration flow"
#: src/pages/stages/authenticator_validate/AuthenticatorValidateStageForm.ts
msgid "Configuration stage"
msgstr "Configuration stage"
#: src/pages/user-settings/settings/UserSettingsAuthenticatorWebAuthn.ts
msgid "Configure WebAuthn"
msgstr "Configure WebAuthn"
@ -1287,6 +1290,10 @@ msgstr "Email info:"
msgid "Email or username"
msgstr "Email or username"
#: src/flows/stages/identification/IdentificationStage.ts
msgid "Email, UPN or username"
msgstr "Email, UPN or username"
#: src/pages/stages/prompt/PromptForm.ts
msgid "Email: Text field with Email type."
msgstr "Email: Text field with Email type."
@ -3981,6 +3988,11 @@ msgstr "UI settings"
msgid "UID"
msgstr "UID"
#: src/flows/stages/identification/IdentificationStage.ts
#: src/pages/stages/identification/IdentificationStageForm.ts
msgid "UPN"
msgstr "UPN"
#: src/pages/sources/oauth/OAuthSourceForm.ts
msgid "URL settings"
msgstr "URL settings"
@ -4529,6 +4541,10 @@ msgstr "authentik Builtin Database"
msgid "authentik LDAP Backend"
msgstr "authentik LDAP Backend"
#: src/elements/forms/DeleteForm.ts
msgid "connecting object will be deleted"
msgstr "connecting object will be deleted"
#: src/elements/Tabs.ts
msgid "no tabs defined"
msgstr "no tabs defined"

View File

@ -669,10 +669,13 @@ msgstr ""
#:
#:
#:
#:
msgid "Configuration flow"
msgstr ""
#:
msgid "Configuration stage"
msgstr ""
#:
msgid "Configure WebAuthn"
msgstr ""
@ -1279,6 +1282,10 @@ msgstr ""
msgid "Email or username"
msgstr ""
#:
msgid "Email, UPN or username"
msgstr ""
#:
msgid "Email: Text field with Email type."
msgstr ""
@ -3969,6 +3976,11 @@ msgstr ""
msgid "UID"
msgstr ""
#:
#:
msgid "UPN"
msgstr ""
#:
msgid "URL settings"
msgstr ""
@ -4515,6 +4527,10 @@ msgstr ""
msgid "authentik LDAP Backend"
msgstr ""
#:
msgid "connecting object will be deleted"
msgstr ""
#:
msgid "no tabs defined"
msgstr ""

View File

@ -72,6 +72,9 @@ export class IdentificationStageForm extends ModelForm<IdentificationStage, stri
<option value=${UserFieldsEnum.Email} ?selected=${this.isUserFieldSelected(UserFieldsEnum.Email)}>
${t`Email`}
</option>
<option value=${UserFieldsEnum.Upn} ?selected=${this.isUserFieldSelected(UserFieldsEnum.Upn)}>
${t`UPN`}
</option>
</select>
<p class="pf-c-form__helper-text">${t`Fields a user can identify themselves with. If no fields are selected, the user will only be able to use sources.`}</p>
<p class="pf-c-form__helper-text">${t`Hold control/command to select multiple items.`}</p>