From 9c9addb0ce2f2455af6910481bdb56000f56f6e4 Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Sat, 7 Aug 2021 16:12:38 +0200 Subject: [PATCH] *: ensure all resources can be filtered Signed-off-by: Jens Langhammer --- authentik/events/api/notification_rule.py | 2 + .../events/api/notification_transport.py | 13 +- authentik/outposts/api/outposts.py | 2 + authentik/outposts/api/service_connections.py | 4 + authentik/policies/dummy/api.py | 2 + authentik/policies/event_matcher/api.py | 2 + authentik/policies/expiry/api.py | 2 + authentik/policies/expression/api.py | 2 + authentik/policies/hibp/api.py | 2 + authentik/policies/password/api.py | 2 + authentik/policies/reputation/api.py | 2 + authentik/providers/ldap/api.py | 1 + authentik/providers/oauth2/api/provider.py | 19 + authentik/providers/oauth2/api/scope.py | 2 + authentik/providers/proxy/api.py | 1 + authentik/providers/saml/api.py | 4 + authentik/sources/ldap/api.py | 27 + authentik/sources/oauth/api/source.py | 16 + authentik/sources/plex/api.py | 12 + authentik/sources/saml/api.py | 2 + authentik/stages/authenticator_duo/api.py | 7 + authentik/stages/authenticator_static/api.py | 2 + authentik/stages/authenticator_totp/api.py | 2 + .../stages/authenticator_validate/api.py | 2 + .../stages/authenticator_webauthn/api.py | 2 + authentik/stages/captcha/api.py | 2 + authentik/stages/consent/api.py | 2 + authentik/stages/deny/api.py | 2 + authentik/stages/dummy/api.py | 2 + authentik/stages/email/api.py | 15 + authentik/stages/identification/api.py | 9 + authentik/stages/invitation/api.py | 2 + authentik/stages/password/api.py | 6 + authentik/stages/prompt/api.py | 2 + authentik/stages/user_delete/api.py | 2 + authentik/stages/user_login/api.py | 2 + authentik/stages/user_logout/api.py | 2 + authentik/stages/user_write/api.py | 2 + authentik/tenants/api.py | 1 + schema.yml | 1548 ++++++++++++++++- 40 files changed, 1722 insertions(+), 11 deletions(-) diff --git a/authentik/events/api/notification_rule.py b/authentik/events/api/notification_rule.py index 253a53ab4..45903271d 100644 --- a/authentik/events/api/notification_rule.py +++ b/authentik/events/api/notification_rule.py @@ -30,3 +30,5 @@ class NotificationRuleViewSet(UsedByMixin, ModelViewSet): queryset = NotificationRule.objects.all() serializer_class = NotificationRuleSerializer + filterset_fields = ["name", "severity", "group__name"] + ordering = ["name"] diff --git a/authentik/events/api/notification_transport.py b/authentik/events/api/notification_transport.py index ad4d9f187..7b3adc06d 100644 --- a/authentik/events/api/notification_transport.py +++ b/authentik/events/api/notification_transport.py @@ -5,11 +5,12 @@ from rest_framework.decorators import action from rest_framework.fields import CharField, ListField, SerializerMethodField from rest_framework.request import Request from rest_framework.response import Response -from rest_framework.serializers import ModelSerializer, Serializer +from rest_framework.serializers import ModelSerializer from rest_framework.viewsets import ModelViewSet from authentik.api.decorators import permission_required from authentik.core.api.used_by import UsedByMixin +from authentik.core.api.utils import PassiveSerializer from authentik.events.models import ( Notification, NotificationSeverity, @@ -41,23 +42,19 @@ class NotificationTransportSerializer(ModelSerializer): ] -class NotificationTransportTestSerializer(Serializer): +class NotificationTransportTestSerializer(PassiveSerializer): """Notification test serializer""" messages = ListField(child=CharField()) - def create(self, validated_data: Request) -> Response: - raise NotImplementedError - - def update(self, request: Request) -> Response: - raise NotImplementedError - class NotificationTransportViewSet(UsedByMixin, ModelViewSet): """NotificationTransport Viewset""" queryset = NotificationTransport.objects.all() serializer_class = NotificationTransportSerializer + filterset_fields = ["name", "mode", "webhook_url", "send_once"] + ordering = ["name"] @permission_required("authentik_events.change_notificationtransport") @extend_schema( diff --git a/authentik/outposts/api/outposts.py b/authentik/outposts/api/outposts.py index a2a0ddefb..f011b9242 100644 --- a/authentik/outposts/api/outposts.py +++ b/authentik/outposts/api/outposts.py @@ -99,6 +99,8 @@ class OutpostViewSet(UsedByMixin, ModelViewSet): serializer_class = OutpostSerializer filterset_fields = { "providers": ["isnull"], + "name": ["iexact", "icontains"], + "service_connection__name": ["iexact", "icontains"], } search_fields = [ "name", diff --git a/authentik/outposts/api/service_connections.py b/authentik/outposts/api/service_connections.py index 8cf25b994..4b3fa0123 100644 --- a/authentik/outposts/api/service_connections.py +++ b/authentik/outposts/api/service_connections.py @@ -115,6 +115,8 @@ class DockerServiceConnectionViewSet(UsedByMixin, ModelViewSet): queryset = DockerServiceConnection.objects.all() serializer_class = DockerServiceConnectionSerializer + filterset_fields = ["name", "local", "url", "tls_verification", "tls_authentication"] + ordering = ["name"] class KubernetesServiceConnectionSerializer(ServiceConnectionSerializer): @@ -147,3 +149,5 @@ class KubernetesServiceConnectionViewSet(UsedByMixin, ModelViewSet): queryset = KubernetesServiceConnection.objects.all() serializer_class = KubernetesServiceConnectionSerializer + filterset_fields = ["name", "local"] + ordering = ["name"] diff --git a/authentik/policies/dummy/api.py b/authentik/policies/dummy/api.py index 789d18de4..5dbe1b0d7 100644 --- a/authentik/policies/dummy/api.py +++ b/authentik/policies/dummy/api.py @@ -19,3 +19,5 @@ class DummyPolicyViewSet(UsedByMixin, ModelViewSet): queryset = DummyPolicy.objects.all() serializer_class = DummyPolicySerializer + filterset_fields = "__all__" + ordering = ["name"] diff --git a/authentik/policies/event_matcher/api.py b/authentik/policies/event_matcher/api.py index 9e998bb53..e73c70053 100644 --- a/authentik/policies/event_matcher/api.py +++ b/authentik/policies/event_matcher/api.py @@ -23,3 +23,5 @@ class EventMatcherPolicyViewSet(UsedByMixin, ModelViewSet): queryset = EventMatcherPolicy.objects.all() serializer_class = EventMatcherPolicySerializer + filterset_fields = "__all__" + ordering = ["name"] diff --git a/authentik/policies/expiry/api.py b/authentik/policies/expiry/api.py index e83ac2fbf..73eb0c366 100644 --- a/authentik/policies/expiry/api.py +++ b/authentik/policies/expiry/api.py @@ -19,3 +19,5 @@ class PasswordExpiryPolicyViewSet(UsedByMixin, ModelViewSet): queryset = PasswordExpiryPolicy.objects.all() serializer_class = PasswordExpiryPolicySerializer + filterset_fields = "__all__" + ordering = ["name"] diff --git a/authentik/policies/expression/api.py b/authentik/policies/expression/api.py index 26a39ff1f..176afb068 100644 --- a/authentik/policies/expression/api.py +++ b/authentik/policies/expression/api.py @@ -26,3 +26,5 @@ class ExpressionPolicyViewSet(UsedByMixin, ModelViewSet): queryset = ExpressionPolicy.objects.all() serializer_class = ExpressionPolicySerializer + filterset_fields = "__all__" + ordering = ["name"] diff --git a/authentik/policies/hibp/api.py b/authentik/policies/hibp/api.py index 86cbfdb95..de7a86a2d 100644 --- a/authentik/policies/hibp/api.py +++ b/authentik/policies/hibp/api.py @@ -19,3 +19,5 @@ class HaveIBeenPwendPolicyViewSet(UsedByMixin, ModelViewSet): queryset = HaveIBeenPwendPolicy.objects.all() serializer_class = HaveIBeenPwendPolicySerializer + filterset_fields = "__all__" + ordering = ["name"] diff --git a/authentik/policies/password/api.py b/authentik/policies/password/api.py index fc11a1c6d..17163eebf 100644 --- a/authentik/policies/password/api.py +++ b/authentik/policies/password/api.py @@ -27,3 +27,5 @@ class PasswordPolicyViewSet(UsedByMixin, ModelViewSet): queryset = PasswordPolicy.objects.all() serializer_class = PasswordPolicySerializer + filterset_fields = "__all__" + ordering = ["name"] diff --git a/authentik/policies/reputation/api.py b/authentik/policies/reputation/api.py index 2d5f610c3..0db5a5b6c 100644 --- a/authentik/policies/reputation/api.py +++ b/authentik/policies/reputation/api.py @@ -25,6 +25,8 @@ class ReputationPolicyViewSet(UsedByMixin, ModelViewSet): queryset = ReputationPolicy.objects.all() serializer_class = ReputationPolicySerializer + filterset_fields = "__all__" + ordering = ["name"] class IPReputationSerializer(ModelSerializer): diff --git a/authentik/providers/ldap/api.py b/authentik/providers/ldap/api.py index 01f49fdc4..91b692223 100644 --- a/authentik/providers/ldap/api.py +++ b/authentik/providers/ldap/api.py @@ -29,6 +29,7 @@ class LDAPProviderViewSet(UsedByMixin, ModelViewSet): queryset = LDAPProvider.objects.all() serializer_class = LDAPProviderSerializer + filterset_fields = "__all__" ordering = ["name"] diff --git a/authentik/providers/oauth2/api/provider.py b/authentik/providers/oauth2/api/provider.py index e601b6661..d5e68b619 100644 --- a/authentik/providers/oauth2/api/provider.py +++ b/authentik/providers/oauth2/api/provider.py @@ -62,6 +62,25 @@ class OAuth2ProviderViewSet(UsedByMixin, ModelViewSet): queryset = OAuth2Provider.objects.all() serializer_class = OAuth2ProviderSerializer + filterset_fields = [ + "name", + "authorization_flow", + "property_mappings", + "application", + "authorization_flow", + "client_type", + "client_id", + "access_code_validity", + "token_validity", + "include_claims_in_id_token", + "jwt_alg", + "rsa_key", + "redirect_uris", + "sub_mode", + "property_mappings", + "issuer_mode", + ] + ordering = ["name"] @extend_schema( responses={ diff --git a/authentik/providers/oauth2/api/scope.py b/authentik/providers/oauth2/api/scope.py index 20aaf06dc..643cecb21 100644 --- a/authentik/providers/oauth2/api/scope.py +++ b/authentik/providers/oauth2/api/scope.py @@ -23,3 +23,5 @@ class ScopeMappingViewSet(UsedByMixin, ModelViewSet): queryset = ScopeMapping.objects.all() serializer_class = ScopeMappingSerializer + filterset_fields = ["scope_name", "name", "managed"] + ordering = ["scope_name", "name"] diff --git a/authentik/providers/proxy/api.py b/authentik/providers/proxy/api.py index 450fde22a..082a483ad 100644 --- a/authentik/providers/proxy/api.py +++ b/authentik/providers/proxy/api.py @@ -80,6 +80,7 @@ class ProxyProviderViewSet(UsedByMixin, ModelViewSet): queryset = ProxyProvider.objects.all() serializer_class = ProxyProviderSerializer + filterset_fields = "__all__" ordering = ["name"] diff --git a/authentik/providers/saml/api.py b/authentik/providers/saml/api.py index 7182fb591..9fd9bf592 100644 --- a/authentik/providers/saml/api.py +++ b/authentik/providers/saml/api.py @@ -89,6 +89,8 @@ class SAMLProviderViewSet(UsedByMixin, ModelViewSet): queryset = SAMLProvider.objects.all() serializer_class = SAMLProviderSerializer + filterset_fields = "__all__" + ordering = ["name"] @extend_schema( responses={ @@ -183,3 +185,5 @@ class SAMLPropertyMappingViewSet(UsedByMixin, ModelViewSet): queryset = SAMLPropertyMapping.objects.all() serializer_class = SAMLPropertyMappingSerializer + filterset_fields = "__all__" + ordering = ["name"] diff --git a/authentik/sources/ldap/api.py b/authentik/sources/ldap/api.py index 5113da93b..6860405c9 100644 --- a/authentik/sources/ldap/api.py +++ b/authentik/sources/ldap/api.py @@ -48,6 +48,31 @@ class LDAPSourceViewSet(UsedByMixin, ModelViewSet): queryset = LDAPSource.objects.all() serializer_class = LDAPSourceSerializer lookup_field = "slug" + filterset_fields = [ + "name", + "slug", + "enabled", + "authentication_flow", + "enrollment_flow", + "policy_engine_mode", + "server_uri", + "bind_cn", + "start_tls", + "base_dn", + "additional_user_dn", + "additional_group_dn", + "user_object_filter", + "group_object_filter", + "group_membership_field", + "object_uniqueness_field", + "sync_users", + "sync_users_password", + "sync_groups", + "sync_parent_group", + "property_mappings", + "property_mappings_group", + ] + ordering = ["name"] @extend_schema( responses={ @@ -81,3 +106,5 @@ class LDAPPropertyMappingViewSet(UsedByMixin, ModelViewSet): queryset = LDAPPropertyMapping.objects.all() serializer_class = LDAPPropertyMappingSerializer + filterset_fields = "__all__" + ordering = ["name"] diff --git a/authentik/sources/oauth/api/source.py b/authentik/sources/oauth/api/source.py index dc17be781..2c37008f2 100644 --- a/authentik/sources/oauth/api/source.py +++ b/authentik/sources/oauth/api/source.py @@ -83,6 +83,22 @@ class OAuthSourceViewSet(UsedByMixin, ModelViewSet): queryset = OAuthSource.objects.all() serializer_class = OAuthSourceSerializer lookup_field = "slug" + filterset_fields = [ + "name", + "slug", + "enabled", + "authentication_flow", + "enrollment_flow", + "policy_engine_mode", + "user_matching_mode", + "provider_type", + "request_token_url", + "authorization_url", + "access_token_url", + "profile_url", + "consumer_key", + ] + ordering = ["name"] @extend_schema(responses={200: SourceTypeSerializer(many=True)}) @action(detail=False, pagination_class=None, filter_backends=[]) diff --git a/authentik/sources/plex/api.py b/authentik/sources/plex/api.py index 02ce89fd3..fb56c178c 100644 --- a/authentik/sources/plex/api.py +++ b/authentik/sources/plex/api.py @@ -49,6 +49,18 @@ class PlexSourceViewSet(UsedByMixin, ModelViewSet): queryset = PlexSource.objects.all() serializer_class = PlexSourceSerializer lookup_field = "slug" + filterset_fields = [ + "name", + "slug", + "enabled", + "authentication_flow", + "enrollment_flow", + "policy_engine_mode", + "user_matching_mode", + "client_id", + "allow_friends", + ] + ordering = ["name"] @permission_required(None) @extend_schema( diff --git a/authentik/sources/saml/api.py b/authentik/sources/saml/api.py index 063970f8c..abc9216f8 100644 --- a/authentik/sources/saml/api.py +++ b/authentik/sources/saml/api.py @@ -40,6 +40,8 @@ class SAMLSourceViewSet(UsedByMixin, ModelViewSet): queryset = SAMLSource.objects.all() serializer_class = SAMLSourceSerializer lookup_field = "slug" + filterset_fields = "__all__" + ordering = ["name"] @extend_schema(responses={200: SAMLMetadataSerializer(many=False)}) @action(methods=["GET"], detail=True) diff --git a/authentik/stages/authenticator_duo/api.py b/authentik/stages/authenticator_duo/api.py index b44670a8b..ad2b091cc 100644 --- a/authentik/stages/authenticator_duo/api.py +++ b/authentik/stages/authenticator_duo/api.py @@ -43,6 +43,13 @@ class AuthenticatorDuoStageViewSet(UsedByMixin, ModelViewSet): queryset = AuthenticatorDuoStage.objects.all() serializer_class = AuthenticatorDuoStageSerializer + filterset_fields = [ + "name", + "configure_flow", + "client_id", + "api_hostname", + ] + ordering = ["name"] @extend_schema( request=OpenApiTypes.NONE, diff --git a/authentik/stages/authenticator_static/api.py b/authentik/stages/authenticator_static/api.py index 4b6498ea5..9ccd4c576 100644 --- a/authentik/stages/authenticator_static/api.py +++ b/authentik/stages/authenticator_static/api.py @@ -27,6 +27,8 @@ class AuthenticatorStaticStageViewSet(UsedByMixin, ModelViewSet): queryset = AuthenticatorStaticStage.objects.all() serializer_class = AuthenticatorStaticStageSerializer + filterset_fields = "__all__" + ordering = ["name"] class StaticDeviceTokenSerializer(ModelSerializer): diff --git a/authentik/stages/authenticator_totp/api.py b/authentik/stages/authenticator_totp/api.py index 3c9a95f7b..9e9d2d27f 100644 --- a/authentik/stages/authenticator_totp/api.py +++ b/authentik/stages/authenticator_totp/api.py @@ -27,6 +27,8 @@ class AuthenticatorTOTPStageViewSet(UsedByMixin, ModelViewSet): queryset = AuthenticatorTOTPStage.objects.all() serializer_class = AuthenticatorTOTPStageSerializer + filterset_fields = "__all__" + ordering = ["name"] class TOTPDeviceSerializer(ModelSerializer): diff --git a/authentik/stages/authenticator_validate/api.py b/authentik/stages/authenticator_validate/api.py index 32fb88a49..08b110e3e 100644 --- a/authentik/stages/authenticator_validate/api.py +++ b/authentik/stages/authenticator_validate/api.py @@ -38,3 +38,5 @@ class AuthenticatorValidateStageViewSet(UsedByMixin, ModelViewSet): queryset = AuthenticatorValidateStage.objects.all() serializer_class = AuthenticatorValidateStageSerializer + filterset_fields = ["name", "not_configured_action", "configuration_stage"] + ordering = ["name"] diff --git a/authentik/stages/authenticator_webauthn/api.py b/authentik/stages/authenticator_webauthn/api.py index 3bccebca1..7c7d4be54 100644 --- a/authentik/stages/authenticator_webauthn/api.py +++ b/authentik/stages/authenticator_webauthn/api.py @@ -26,6 +26,8 @@ class AuthenticateWebAuthnStageViewSet(UsedByMixin, ModelViewSet): queryset = AuthenticateWebAuthnStage.objects.all() serializer_class = AuthenticateWebAuthnStageSerializer + filterset_fields = "__all__" + ordering = ["name"] class WebAuthnDeviceSerializer(ModelSerializer): diff --git a/authentik/stages/captcha/api.py b/authentik/stages/captcha/api.py index 5623533ce..9dcaef06c 100644 --- a/authentik/stages/captcha/api.py +++ b/authentik/stages/captcha/api.py @@ -21,3 +21,5 @@ class CaptchaStageViewSet(UsedByMixin, ModelViewSet): queryset = CaptchaStage.objects.all() serializer_class = CaptchaStageSerializer + filterset_fields = ["name", "public_key"] + ordering = ["name"] diff --git a/authentik/stages/consent/api.py b/authentik/stages/consent/api.py index 609156600..693288c35 100644 --- a/authentik/stages/consent/api.py +++ b/authentik/stages/consent/api.py @@ -26,6 +26,8 @@ class ConsentStageViewSet(UsedByMixin, ModelViewSet): queryset = ConsentStage.objects.all() serializer_class = ConsentStageSerializer + filterset_fields = "__all__" + ordering = ["name"] class UserConsentSerializer(StageSerializer): diff --git a/authentik/stages/deny/api.py b/authentik/stages/deny/api.py index b6a9fcd20..48bcc7cae 100644 --- a/authentik/stages/deny/api.py +++ b/authentik/stages/deny/api.py @@ -20,3 +20,5 @@ class DenyStageViewSet(UsedByMixin, ModelViewSet): queryset = DenyStage.objects.all() serializer_class = DenyStageSerializer + filterset_fields = "__all__" + ordering = ["name"] diff --git a/authentik/stages/dummy/api.py b/authentik/stages/dummy/api.py index 4447ec134..8569eb2dd 100644 --- a/authentik/stages/dummy/api.py +++ b/authentik/stages/dummy/api.py @@ -20,3 +20,5 @@ class DummyStageViewSet(UsedByMixin, ModelViewSet): queryset = DummyStage.objects.all() serializer_class = DummyStageSerializer + filterset_fields = "__all__" + ordering = ["name"] diff --git a/authentik/stages/email/api.py b/authentik/stages/email/api.py index 90dfd2c6d..636d0bafb 100644 --- a/authentik/stages/email/api.py +++ b/authentik/stages/email/api.py @@ -52,6 +52,21 @@ class EmailStageViewSet(UsedByMixin, ModelViewSet): queryset = EmailStage.objects.all() serializer_class = EmailStageSerializer + filterset_fields = [ + "name", + "use_global_settings", + "host", + "port", + "username", + "use_tls", + "use_ssl", + "timeout", + "from_address", + "token_expiry", + "subject", + "template", + ] + ordering = ["name"] @extend_schema(responses={200: TypeCreateSerializer(many=True)}) @action(detail=False, pagination_class=None, filter_backends=[]) diff --git a/authentik/stages/identification/api.py b/authentik/stages/identification/api.py index 54e9bc8ca..b4c7ca713 100644 --- a/authentik/stages/identification/api.py +++ b/authentik/stages/identification/api.py @@ -28,3 +28,12 @@ class IdentificationStageViewSet(UsedByMixin, ModelViewSet): queryset = IdentificationStage.objects.all() serializer_class = IdentificationStageSerializer + filterset_fields = [ + "name", + "password_stage", + "case_insensitive_matching", + "show_matched_user", + "enrollment_flow", + "recovery_flow", + ] + ordering = ["name"] diff --git a/authentik/stages/invitation/api.py b/authentik/stages/invitation/api.py index ff6a720e2..ccf8f4a61 100644 --- a/authentik/stages/invitation/api.py +++ b/authentik/stages/invitation/api.py @@ -26,6 +26,8 @@ class InvitationStageViewSet(UsedByMixin, ModelViewSet): queryset = InvitationStage.objects.all() serializer_class = InvitationStageSerializer + filterset_fields = "__all__" + ordering = ["name"] class InvitationSerializer(ModelSerializer): diff --git a/authentik/stages/password/api.py b/authentik/stages/password/api.py index 30a376590..95b654ade 100644 --- a/authentik/stages/password/api.py +++ b/authentik/stages/password/api.py @@ -24,3 +24,9 @@ class PasswordStageViewSet(UsedByMixin, ModelViewSet): queryset = PasswordStage.objects.all() serializer_class = PasswordStageSerializer + filterset_fields = [ + "name", + "configure_flow", + "failed_attempts_before_cancel", + ] + ordering = ["name"] diff --git a/authentik/stages/prompt/api.py b/authentik/stages/prompt/api.py index dc5d3b4e6..4fbf4f8e5 100644 --- a/authentik/stages/prompt/api.py +++ b/authentik/stages/prompt/api.py @@ -27,6 +27,8 @@ class PromptStageViewSet(UsedByMixin, ModelViewSet): queryset = PromptStage.objects.all() serializer_class = PromptStageSerializer + filterset_fields = "__all__" + ordering = ["name"] class PromptSerializer(ModelSerializer): diff --git a/authentik/stages/user_delete/api.py b/authentik/stages/user_delete/api.py index 8ab224b44..a2f65c42c 100644 --- a/authentik/stages/user_delete/api.py +++ b/authentik/stages/user_delete/api.py @@ -20,3 +20,5 @@ class UserDeleteStageViewSet(UsedByMixin, ModelViewSet): queryset = UserDeleteStage.objects.all() serializer_class = UserDeleteStageSerializer + filterset_fields = "__all__" + ordering = ["name"] diff --git a/authentik/stages/user_login/api.py b/authentik/stages/user_login/api.py index b55f9779c..ec62c4827 100644 --- a/authentik/stages/user_login/api.py +++ b/authentik/stages/user_login/api.py @@ -22,3 +22,5 @@ class UserLoginStageViewSet(UsedByMixin, ModelViewSet): queryset = UserLoginStage.objects.all() serializer_class = UserLoginStageSerializer + filterset_fields = "__all__" + ordering = ["name"] diff --git a/authentik/stages/user_logout/api.py b/authentik/stages/user_logout/api.py index d361bcfea..d5f506b2b 100644 --- a/authentik/stages/user_logout/api.py +++ b/authentik/stages/user_logout/api.py @@ -20,3 +20,5 @@ class UserLogoutStageViewSet(UsedByMixin, ModelViewSet): queryset = UserLogoutStage.objects.all() serializer_class = UserLogoutStageSerializer + filterset_fields = "__all__" + ordering = ["name"] diff --git a/authentik/stages/user_write/api.py b/authentik/stages/user_write/api.py index 9abac9ef2..bda945b0f 100644 --- a/authentik/stages/user_write/api.py +++ b/authentik/stages/user_write/api.py @@ -20,3 +20,5 @@ class UserWriteStageViewSet(UsedByMixin, ModelViewSet): queryset = UserWriteStage.objects.all() serializer_class = UserWriteStageSerializer + filterset_fields = "__all__" + ordering = ["name"] diff --git a/authentik/tenants/api.py b/authentik/tenants/api.py index 4e7f810e9..529fc74d4 100644 --- a/authentik/tenants/api.py +++ b/authentik/tenants/api.py @@ -70,6 +70,7 @@ class TenantViewSet(UsedByMixin, ModelViewSet): "domain", "branding_title", ] + filterset_fields = "__all__" ordering = ["domain"] @extend_schema( diff --git a/schema.yml b/schema.yml index 197cdbdee..7231c45cc 100644 --- a/schema.yml +++ b/schema.yml @@ -1852,7 +1852,7 @@ paths: schema: type: string format: uuid - description: A UUID string identifying this authenticated session. + description: A UUID string identifying this Authenticated Session. required: true tags: - core @@ -1879,7 +1879,7 @@ paths: schema: type: string format: uuid - description: A UUID string identifying this authenticated session. + description: A UUID string identifying this Authenticated Session. required: true tags: - core @@ -1903,7 +1903,7 @@ paths: schema: type: string format: uuid - description: A UUID string identifying this authenticated session. + description: A UUID string identifying this Authenticated Session. required: true tags: - core @@ -2188,6 +2188,50 @@ paths: operationId: core_tenants_list description: Tenant Viewset parameters: + - in: query + name: branding_favicon + schema: + type: string + - in: query + name: branding_logo + schema: + type: string + - in: query + name: branding_title + schema: + type: string + - in: query + name: default + schema: + type: boolean + - in: query + name: domain + schema: + type: string + - in: query + name: event_retention + schema: + type: string + - in: query + name: flow_authentication + schema: + type: string + format: uuid + - in: query + name: flow_invalidation + schema: + type: string + format: uuid + - in: query + name: flow_recovery + schema: + type: string + format: uuid + - in: query + name: flow_unenrollment + schema: + type: string + format: uuid - name: ordering required: false in: query @@ -2212,6 +2256,11 @@ paths: description: A search term. schema: type: string + - in: query + name: tenant_uuid + schema: + type: string + format: uuid tags: - core security: @@ -4130,6 +4179,14 @@ paths: operationId: events_rules_list description: NotificationRule Viewset parameters: + - in: query + name: group__name + schema: + type: string + - in: query + name: name + schema: + type: string - name: ordering required: false in: query @@ -4154,6 +4211,16 @@ paths: description: A search term. schema: type: string + - in: query + name: severity + schema: + type: string + enum: + - alert + - notice + - warning + description: Controls which severity level the created notifications will + have. tags: - events security: @@ -4364,6 +4431,18 @@ paths: operationId: events_transports_list description: NotificationTransport Viewset parameters: + - in: query + name: mode + schema: + type: string + enum: + - email + - webhook + - webhook_slack + - in: query + name: name + schema: + type: string - name: ordering required: false in: query @@ -4388,6 +4467,14 @@ paths: description: A search term. schema: type: string + - in: query + name: send_once + schema: + type: boolean + - in: query + name: webhook_url + schema: + type: string tags: - events security: @@ -5724,6 +5811,14 @@ paths: operationId: outposts_instances_list description: Outpost Viewset parameters: + - in: query + name: name__icontains + schema: + type: string + - in: query + name: name__iexact + schema: + type: string - name: ordering required: false in: query @@ -5752,6 +5847,14 @@ paths: description: A search term. schema: type: string + - in: query + name: service_connection__name__icontains + schema: + type: string + - in: query + name: service_connection__name__iexact + schema: + type: string tags: - outposts security: @@ -5932,6 +6035,14 @@ paths: operationId: outposts_instances_health_list description: Get outposts current health parameters: + - in: query + name: name__icontains + schema: + type: string + - in: query + name: name__iexact + schema: + type: string - name: ordering required: false in: query @@ -5948,6 +6059,14 @@ paths: description: A search term. schema: type: string + - in: query + name: service_connection__name__icontains + schema: + type: string + - in: query + name: service_connection__name__iexact + schema: + type: string - in: path name: uuid schema: @@ -6352,6 +6471,14 @@ paths: operationId: outposts_service_connections_docker_list description: DockerServiceConnection Viewset parameters: + - in: query + name: local + schema: + type: boolean + - in: query + name: name + schema: + type: string - name: ordering required: false in: query @@ -6376,6 +6503,20 @@ paths: description: A search term. schema: type: string + - in: query + name: tls_authentication + schema: + type: string + format: uuid + - in: query + name: tls_verification + schema: + type: string + format: uuid + - in: query + name: url + schema: + type: string tags: - outposts security: @@ -6586,6 +6727,14 @@ paths: operationId: outposts_service_connections_kubernetes_list description: KubernetesServiceConnection Viewset parameters: + - in: query + name: local + schema: + type: boolean + - in: query + name: name + schema: + type: string - name: ordering required: false in: query @@ -7308,6 +7457,24 @@ paths: operationId: policies_dummy_list description: Dummy Viewset parameters: + - in: query + name: created + schema: + type: string + format: date-time + - in: query + name: execution_logging + schema: + type: boolean + - in: query + name: last_updated + schema: + type: string + format: date-time + - in: query + name: name + schema: + type: string - name: ordering required: false in: query @@ -7326,12 +7493,29 @@ paths: description: Number of results to return per page. schema: type: integer + - in: query + name: policy_uuid + schema: + type: string + format: uuid + - in: query + name: result + schema: + type: boolean - name: search required: false in: query description: A search term. schema: type: string + - in: query + name: wait_max + schema: + type: integer + - in: query + name: wait_min + schema: + type: integer tags: - policies security: @@ -7540,6 +7724,113 @@ paths: operationId: policies_event_matcher_list description: Event Matcher Policy Viewset parameters: + - in: query + name: action + schema: + type: string + enum: + - authorize_application + - configuration_error + - custom_ + - email_sent + - impersonation_ended + - impersonation_started + - invitation_used + - login + - login_failed + - logout + - model_created + - model_deleted + - model_updated + - password_set + - policy_exception + - policy_execution + - property_mapping_exception + - secret_rotate + - secret_view + - source_linked + - suspicious_request + - system_exception + - system_task_exception + - system_task_execution + - update_available + - user_write + description: Match created events with this action type. When left empty, + all action types will be matched. + - in: query + name: app + schema: + type: string + enum: + - authentik.admin + - authentik.api + - authentik.core + - authentik.crypto + - authentik.events + - authentik.flows + - authentik.lib + - authentik.managed + - authentik.outposts + - authentik.policies + - authentik.policies.dummy + - authentik.policies.event_matcher + - authentik.policies.expiry + - authentik.policies.expression + - authentik.policies.hibp + - authentik.policies.password + - authentik.policies.reputation + - authentik.providers.ldap + - authentik.providers.oauth2 + - authentik.providers.proxy + - authentik.providers.saml + - authentik.recovery + - authentik.sources.ldap + - authentik.sources.oauth + - authentik.sources.plex + - authentik.sources.saml + - authentik.stages.authenticator_duo + - authentik.stages.authenticator_static + - authentik.stages.authenticator_totp + - authentik.stages.authenticator_validate + - authentik.stages.authenticator_webauthn + - authentik.stages.captcha + - authentik.stages.consent + - authentik.stages.deny + - authentik.stages.dummy + - authentik.stages.email + - authentik.stages.identification + - authentik.stages.invitation + - authentik.stages.password + - authentik.stages.prompt + - authentik.stages.user_delete + - authentik.stages.user_login + - authentik.stages.user_logout + - authentik.stages.user_write + - authentik.tenants + description: Match events created by selected application. When left empty, + all applications are matched. + - in: query + name: client_ip + schema: + type: string + - in: query + name: created + schema: + type: string + format: date-time + - in: query + name: execution_logging + schema: + type: boolean + - in: query + name: last_updated + schema: + type: string + format: date-time + - in: query + name: name + schema: + type: string - name: ordering required: false in: query @@ -7558,6 +7849,11 @@ paths: description: Number of results to return per page. schema: type: integer + - in: query + name: policy_uuid + schema: + type: string + format: uuid - name: search required: false in: query @@ -7772,6 +8068,28 @@ paths: operationId: policies_expression_list description: Source Viewset parameters: + - in: query + name: created + schema: + type: string + format: date-time + - in: query + name: execution_logging + schema: + type: boolean + - in: query + name: expression + schema: + type: string + - in: query + name: last_updated + schema: + type: string + format: date-time + - in: query + name: name + schema: + type: string - name: ordering required: false in: query @@ -7790,6 +8108,11 @@ paths: description: Number of results to return per page. schema: type: integer + - in: query + name: policy_uuid + schema: + type: string + format: uuid - name: search required: false in: query @@ -8006,6 +8329,28 @@ paths: operationId: policies_haveibeenpwned_list description: Source Viewset parameters: + - in: query + name: allowed_count + schema: + type: integer + - in: query + name: created + schema: + type: string + format: date-time + - in: query + name: execution_logging + schema: + type: boolean + - in: query + name: last_updated + schema: + type: string + format: date-time + - in: query + name: name + schema: + type: string - name: ordering required: false in: query @@ -8024,6 +8369,15 @@ paths: description: Number of results to return per page. schema: type: integer + - in: query + name: password_field + schema: + type: string + - in: query + name: policy_uuid + schema: + type: string + format: uuid - name: search required: false in: query @@ -8238,6 +8592,44 @@ paths: operationId: policies_password_list description: Password Policy Viewset parameters: + - in: query + name: amount_lowercase + schema: + type: integer + - in: query + name: amount_symbols + schema: + type: integer + - in: query + name: amount_uppercase + schema: + type: integer + - in: query + name: created + schema: + type: string + format: date-time + - in: query + name: error_message + schema: + type: string + - in: query + name: execution_logging + schema: + type: boolean + - in: query + name: last_updated + schema: + type: string + format: date-time + - in: query + name: length_min + schema: + type: integer + - in: query + name: name + schema: + type: string - name: ordering required: false in: query @@ -8256,12 +8648,25 @@ paths: description: Number of results to return per page. schema: type: integer + - in: query + name: password_field + schema: + type: string + - in: query + name: policy_uuid + schema: + type: string + format: uuid - name: search required: false in: query description: A search term. schema: type: string + - in: query + name: symbol_charset + schema: + type: string tags: - policies security: @@ -8472,6 +8877,32 @@ paths: operationId: policies_password_expiry_list description: Password Expiry Viewset parameters: + - in: query + name: created + schema: + type: string + format: date-time + - in: query + name: days + schema: + type: integer + - in: query + name: deny_only + schema: + type: boolean + - in: query + name: execution_logging + schema: + type: boolean + - in: query + name: last_updated + schema: + type: string + format: date-time + - in: query + name: name + schema: + type: string - name: ordering required: false in: query @@ -8490,6 +8921,11 @@ paths: description: Number of results to return per page. schema: type: integer + - in: query + name: policy_uuid + schema: + type: string + format: uuid - name: search required: false in: query @@ -8706,6 +9142,32 @@ paths: operationId: policies_reputation_list description: Reputation Policy Viewset parameters: + - in: query + name: check_ip + schema: + type: boolean + - in: query + name: check_username + schema: + type: boolean + - in: query + name: created + schema: + type: string + format: date-time + - in: query + name: execution_logging + schema: + type: boolean + - in: query + name: last_updated + schema: + type: string + format: date-time + - in: query + name: name + schema: + type: string - name: ordering required: false in: query @@ -8724,12 +9186,21 @@ paths: description: Number of results to return per page. schema: type: integer + - in: query + name: policy_uuid + schema: + type: string + format: uuid - name: search required: false in: query description: A search term. schema: type: string + - in: query + name: threshold + schema: + type: integer tags: - policies security: @@ -9396,6 +9867,22 @@ paths: operationId: propertymappings_ldap_list description: LDAP PropertyMapping Viewset parameters: + - in: query + name: expression + schema: + type: string + - in: query + name: managed + schema: + type: string + - in: query + name: name + schema: + type: string + - in: query + name: object_field + schema: + type: string - name: ordering required: false in: query @@ -9414,6 +9901,11 @@ paths: description: Number of results to return per page. schema: type: integer + - in: query + name: pm_uuid + schema: + type: string + format: uuid - name: search required: false in: query @@ -9630,6 +10122,22 @@ paths: operationId: propertymappings_saml_list description: SAMLPropertyMapping Viewset parameters: + - in: query + name: expression + schema: + type: string + - in: query + name: friendly_name + schema: + type: string + - in: query + name: managed + schema: + type: string + - in: query + name: name + schema: + type: string - name: ordering required: false in: query @@ -9648,6 +10156,15 @@ paths: description: Number of results to return per page. schema: type: integer + - in: query + name: pm_uuid + schema: + type: string + format: uuid + - in: query + name: saml_name + schema: + type: string - name: search required: false in: query @@ -9864,6 +10381,14 @@ paths: operationId: propertymappings_scope_list description: ScopeMapping Viewset parameters: + - in: query + name: managed + schema: + type: string + - in: query + name: name + schema: + type: string - name: ordering required: false in: query @@ -9882,6 +10407,10 @@ paths: description: Number of results to return per page. schema: type: integer + - in: query + name: scope_name + schema: + type: string - name: search required: false in: query @@ -10247,6 +10776,28 @@ paths: operationId: providers_ldap_list description: LDAPProvider Viewset parameters: + - in: query + name: authorization_flow + schema: + type: string + format: uuid + - in: query + name: base_dn + schema: + type: string + - in: query + name: certificate + schema: + type: string + format: uuid + - in: query + name: gid_start_number + schema: + type: integer + - in: query + name: name + schema: + type: string - name: ordering required: false in: query @@ -10265,12 +10816,34 @@ paths: description: Number of results to return per page. schema: type: integer + - in: query + name: property_mappings + schema: + type: array + items: + type: string + format: uuid + explode: true + style: form - name: search required: false in: query description: A search term. schema: type: string + - in: query + name: search_group + schema: + type: string + format: uuid + - in: query + name: tls_server_name + schema: + type: string + - in: query + name: uid_start_number + schema: + type: integer tags: - providers security: @@ -10476,6 +11049,59 @@ paths: operationId: providers_oauth2_list description: OAuth2Provider Viewset parameters: + - in: query + name: access_code_validity + schema: + type: string + - in: query + name: application + schema: + type: string + format: uuid + - in: query + name: authorization_flow + schema: + type: string + format: uuid + - in: query + name: client_id + schema: + type: string + - in: query + name: client_type + schema: + type: string + enum: + - confidential + - public + description: |- + Confidential clients are capable of maintaining the confidentiality + of their credentials. Public clients are incapable. + - in: query + name: include_claims_in_id_token + schema: + type: boolean + - in: query + name: issuer_mode + schema: + type: string + enum: + - global + - per_provider + description: Configure how the issuer field of the ID Token should be filled. + - in: query + name: jwt_alg + schema: + type: string + title: JWT Algorithm + enum: + - HS256 + - RS256 + description: Algorithm used to sign the JWT Token + - in: query + name: name + schema: + type: string - name: ordering required: false in: query @@ -10494,12 +11120,45 @@ paths: description: Number of results to return per page. schema: type: integer + - in: query + name: property_mappings + schema: + type: array + items: + type: string + format: uuid + explode: true + style: form + - in: query + name: redirect_uris + schema: + type: string + - in: query + name: rsa_key + schema: + type: string + format: uuid - name: search required: false in: query description: A search term. schema: type: string + - in: query + name: sub_mode + schema: + type: string + enum: + - hashed_user_id + - user_email + - user_upn + - user_username + description: Configure what data should be used as unique User Identifier. + For most cases, the default should be fine. + - in: query + name: token_validity + schema: + type: string tags: - providers security: @@ -10734,6 +11393,105 @@ paths: operationId: providers_proxy_list description: ProxyProvider Viewset parameters: + - in: query + name: access_code_validity + schema: + type: string + - in: query + name: authorization_flow + schema: + type: string + format: uuid + - in: query + name: basic_auth_enabled + schema: + type: boolean + - in: query + name: basic_auth_password_attribute + schema: + type: string + - in: query + name: basic_auth_user_attribute + schema: + type: string + - in: query + name: certificate + schema: + type: string + format: uuid + - in: query + name: client_id + schema: + type: string + - in: query + name: client_secret + schema: + type: string + - in: query + name: client_type + schema: + type: string + enum: + - confidential + - public + description: |- + Confidential clients are capable of maintaining the confidentiality + of their credentials. Public clients are incapable. + - in: query + name: cookie_domain + schema: + type: string + - in: query + name: cookie_secret + schema: + type: string + - in: query + name: external_host + schema: + type: string + - in: query + name: include_claims_in_id_token + schema: + type: boolean + - in: query + name: internal_host + schema: + type: string + - in: query + name: internal_host_ssl_validation + schema: + type: boolean + - in: query + name: issuer_mode + schema: + type: string + enum: + - global + - per_provider + description: Configure how the issuer field of the ID Token should be filled. + - in: query + name: jwt_alg + schema: + type: string + title: JWT Algorithm + enum: + - HS256 + - RS256 + description: Algorithm used to sign the JWT Token + - in: query + name: mode + schema: + type: string + enum: + - forward_domain + - forward_single + - proxy + description: Enable support for forwardAuth in traefik and nginx auth_request. + Exclusive with internal_host. + - in: query + name: name + schema: + type: string - name: ordering required: false in: query @@ -10752,12 +11510,49 @@ paths: description: Number of results to return per page. schema: type: integer + - in: query + name: property_mappings + schema: + type: array + items: + type: string + format: uuid + explode: true + style: form + - in: query + name: redirect_uris + schema: + type: string + - in: query + name: rsa_key + schema: + type: string + format: uuid - name: search required: false in: query description: A search term. schema: type: string + - in: query + name: skip_path_regex + schema: + type: string + - in: query + name: sub_mode + schema: + type: string + enum: + - hashed_user_id + - user_email + - user_upn + - user_username + description: Configure what data should be used as unique User Identifier. + For most cases, the default should be fine. + - in: query + name: token_validity + schema: + type: string tags: - providers security: @@ -10963,6 +11758,49 @@ paths: operationId: providers_saml_list description: SAMLProvider Viewset parameters: + - in: query + name: acs_url + schema: + type: string + - in: query + name: assertion_valid_not_before + schema: + type: string + - in: query + name: assertion_valid_not_on_or_after + schema: + type: string + - in: query + name: audience + schema: + type: string + - in: query + name: authorization_flow + schema: + type: string + format: uuid + - in: query + name: digest_algorithm + schema: + type: string + enum: + - http://www.w3.org/2000/09/xmldsig#sha1 + - http://www.w3.org/2001/04/xmldsig-more#sha384 + - http://www.w3.org/2001/04/xmlenc#sha256 + - http://www.w3.org/2001/04/xmlenc#sha512 + - in: query + name: issuer + schema: + type: string + - in: query + name: name + schema: + type: string + - in: query + name: name_id_mapping + schema: + type: string + format: uuid - name: ordering required: false in: query @@ -10981,12 +11819,55 @@ paths: description: Number of results to return per page. schema: type: integer + - in: query + name: property_mappings + schema: + type: array + items: + type: string + format: uuid + explode: true + style: form - name: search required: false in: query description: A search term. schema: type: string + - in: query + name: session_valid_not_on_or_after + schema: + type: string + - in: query + name: signature_algorithm + schema: + type: string + enum: + - http://www.w3.org/2000/09/xmldsig#dsa-sha1 + - http://www.w3.org/2000/09/xmldsig#rsa-sha1 + - http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 + - http://www.w3.org/2001/04/xmldsig-more#rsa-sha384 + - http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 + - in: query + name: signing_kp + schema: + type: string + format: uuid + - in: query + name: sp_binding + schema: + type: string + title: Service Provider Binding + enum: + - post + - redirect + description: This determines how authentik sends the response back to the + Service Provider. + - in: query + name: verification_kp + schema: + type: string + format: uuid tags: - providers security: @@ -11583,6 +12464,52 @@ paths: operationId: sources_ldap_list description: LDAP Source Viewset parameters: + - in: query + name: additional_group_dn + schema: + type: string + - in: query + name: additional_user_dn + schema: + type: string + - in: query + name: authentication_flow + schema: + type: string + format: uuid + - in: query + name: base_dn + schema: + type: string + - in: query + name: bind_cn + schema: + type: string + - in: query + name: enabled + schema: + type: boolean + - in: query + name: enrollment_flow + schema: + type: string + format: uuid + - in: query + name: group_membership_field + schema: + type: string + - in: query + name: group_object_filter + schema: + type: string + - in: query + name: name + schema: + type: string + - in: query + name: object_uniqueness_field + schema: + type: string - name: ordering required: false in: query @@ -11601,12 +12528,70 @@ paths: description: Number of results to return per page. schema: type: integer + - in: query + name: policy_engine_mode + schema: + type: string + enum: + - all + - any + - in: query + name: property_mappings + schema: + type: array + items: + type: string + format: uuid + explode: true + style: form + - in: query + name: property_mappings_group + schema: + type: array + items: + type: string + format: uuid + explode: true + style: form - name: search required: false in: query description: A search term. schema: type: string + - in: query + name: server_uri + schema: + type: string + - in: query + name: slug + schema: + type: string + - in: query + name: start_tls + schema: + type: boolean + - in: query + name: sync_groups + schema: + type: boolean + - in: query + name: sync_parent_group + schema: + type: string + format: uuid + - in: query + name: sync_users + schema: + type: boolean + - in: query + name: sync_users_password + schema: + type: boolean + - in: query + name: user_object_filter + schema: + type: string tags: - sources security: @@ -11841,6 +12826,36 @@ paths: operationId: sources_oauth_list description: Source Viewset parameters: + - in: query + name: access_token_url + schema: + type: string + - in: query + name: authentication_flow + schema: + type: string + format: uuid + - in: query + name: authorization_url + schema: + type: string + - in: query + name: consumer_key + schema: + type: string + - in: query + name: enabled + schema: + type: boolean + - in: query + name: enrollment_flow + schema: + type: string + format: uuid + - in: query + name: name + schema: + type: string - name: ordering required: false in: query @@ -11859,12 +12874,47 @@ paths: description: Number of results to return per page. schema: type: integer + - in: query + name: policy_engine_mode + schema: + type: string + enum: + - all + - any + - in: query + name: profile_url + schema: + type: string + - in: query + name: provider_type + schema: + type: string + - in: query + name: request_token_url + schema: + type: string - name: search required: false in: query description: A search term. schema: type: string + - in: query + name: slug + schema: + type: string + - in: query + name: user_matching_mode + schema: + type: string + enum: + - email_deny + - email_link + - identifier + - username_deny + - username_link + description: How the source determines if an existing user should be authenticated + or a new user enrolled. tags: - sources security: @@ -12294,6 +13344,32 @@ paths: operationId: sources_plex_list description: Plex source Viewset parameters: + - in: query + name: allow_friends + schema: + type: boolean + - in: query + name: authentication_flow + schema: + type: string + format: uuid + - in: query + name: client_id + schema: + type: string + - in: query + name: enabled + schema: + type: boolean + - in: query + name: enrollment_flow + schema: + type: string + format: uuid + - in: query + name: name + schema: + type: string - name: ordering required: false in: query @@ -12312,12 +13388,35 @@ paths: description: Number of results to return per page. schema: type: integer + - in: query + name: policy_engine_mode + schema: + type: string + enum: + - all + - any - name: search required: false in: query description: A search term. schema: type: string + - in: query + name: slug + schema: + type: string + - in: query + name: user_matching_mode + schema: + type: string + enum: + - email_deny + - email_link + - identifier + - username_deny + - username_link + description: How the source determines if an existing user should be authenticated + or a new user enrolled. tags: - sources security: @@ -12563,6 +13662,65 @@ paths: operationId: sources_saml_list description: SAMLSource Viewset parameters: + - in: query + name: allow_idp_initiated + schema: + type: boolean + - in: query + name: authentication_flow + schema: + type: string + format: uuid + - in: query + name: binding_type + schema: + type: string + enum: + - POST + - POST_AUTO + - REDIRECT + - in: query + name: digest_algorithm + schema: + type: string + enum: + - http://www.w3.org/2000/09/xmldsig#sha1 + - http://www.w3.org/2001/04/xmldsig-more#sha384 + - http://www.w3.org/2001/04/xmlenc#sha256 + - http://www.w3.org/2001/04/xmlenc#sha512 + - in: query + name: enabled + schema: + type: boolean + - in: query + name: enrollment_flow + schema: + type: string + format: uuid + - in: query + name: issuer + schema: + type: string + - in: query + name: managed + schema: + type: string + - in: query + name: name + schema: + type: string + - in: query + name: name_id_policy + schema: + type: string + enum: + - urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress + - urn:oasis:names:tc:SAML:2.0:nameid-format:WindowsDomainQualifiedName + - urn:oasis:names:tc:SAML:2.0:nameid-format:X509SubjectName + - urn:oasis:names:tc:SAML:2.0:nameid-format:persistent + - urn:oasis:names:tc:SAML:2.0:nameid-format:transient + description: NameID Policy sent to the IdP. Can be unset, in which case no + Policy is sent. - name: ordering required: false in: query @@ -12581,12 +13739,90 @@ paths: description: Number of results to return per page. schema: type: integer + - in: query + name: pbm_uuid + schema: + type: string + format: uuid + - in: query + name: policies + schema: + type: array + items: + type: string + format: uuid + explode: true + style: form + - in: query + name: policy_engine_mode + schema: + type: string + enum: + - all + - any + - in: query + name: pre_authentication_flow + schema: + type: string + format: uuid + - in: query + name: property_mappings + schema: + type: array + items: + type: string + format: uuid + explode: true + style: form - name: search required: false in: query description: A search term. schema: type: string + - in: query + name: signature_algorithm + schema: + type: string + enum: + - http://www.w3.org/2000/09/xmldsig#dsa-sha1 + - http://www.w3.org/2000/09/xmldsig#rsa-sha1 + - http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 + - http://www.w3.org/2001/04/xmldsig-more#rsa-sha384 + - http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 + - in: query + name: signing_kp + schema: + type: string + format: uuid + - in: query + name: slo_url + schema: + type: string + - in: query + name: slug + schema: + type: string + - in: query + name: sso_url + schema: + type: string + - in: query + name: temporary_user_delete_after + schema: + type: string + - in: query + name: user_matching_mode + schema: + type: string + enum: + - email_deny + - email_link + - identifier + - username_deny + - username_link + description: How the source determines if an existing user should be authenticated + or a new user enrolled. tags: - sources security: @@ -12993,6 +14229,23 @@ paths: operationId: stages_authenticator_duo_list description: AuthenticatorDuoStage Viewset parameters: + - in: query + name: api_hostname + schema: + type: string + - in: query + name: client_id + schema: + type: string + - in: query + name: configure_flow + schema: + type: string + format: uuid + - in: query + name: name + schema: + type: string - name: ordering required: false in: query @@ -13253,6 +14506,15 @@ paths: operationId: stages_authenticator_static_list description: AuthenticatorStaticStage Viewset parameters: + - in: query + name: configure_flow + schema: + type: string + format: uuid + - in: query + name: name + schema: + type: string - name: ordering required: false in: query @@ -13277,6 +14539,15 @@ paths: description: A search term. schema: type: string + - in: query + name: stage_uuid + schema: + type: string + format: uuid + - in: query + name: token_count + schema: + type: integer tags: - stages security: @@ -13487,6 +14758,22 @@ paths: operationId: stages_authenticator_totp_list description: AuthenticatorTOTPStage Viewset parameters: + - in: query + name: configure_flow + schema: + type: string + format: uuid + - in: query + name: digits + schema: + type: integer + enum: + - 6 + - 8 + - in: query + name: name + schema: + type: string - name: ordering required: false in: query @@ -13511,6 +14798,11 @@ paths: description: A search term. schema: type: string + - in: query + name: stage_uuid + schema: + type: string + format: uuid tags: - stages security: @@ -13721,6 +15013,23 @@ paths: operationId: stages_authenticator_validate_list description: AuthenticatorValidateStage Viewset parameters: + - in: query + name: configuration_stage + schema: + type: string + format: uuid + - in: query + name: name + schema: + type: string + - in: query + name: not_configured_action + schema: + type: string + enum: + - configure + - deny + - skip - name: ordering required: false in: query @@ -13955,6 +15264,15 @@ paths: operationId: stages_authenticator_webauthn_list description: AuthenticateWebAuthnStage Viewset parameters: + - in: query + name: configure_flow + schema: + type: string + format: uuid + - in: query + name: name + schema: + type: string - name: ordering required: false in: query @@ -13979,6 +15297,11 @@ paths: description: A search term. schema: type: string + - in: query + name: stage_uuid + schema: + type: string + format: uuid tags: - stages security: @@ -14189,6 +15512,10 @@ paths: operationId: stages_captcha_list description: CaptchaStage Viewset parameters: + - in: query + name: name + schema: + type: string - name: ordering required: false in: query @@ -14207,6 +15534,10 @@ paths: description: Number of results to return per page. schema: type: integer + - in: query + name: public_key + schema: + type: string - name: search required: false in: query @@ -14423,6 +15754,22 @@ paths: operationId: stages_consent_list description: ConsentStage Viewset parameters: + - in: query + name: consent_expire_in + schema: + type: string + - in: query + name: mode + schema: + type: string + enum: + - always_require + - expiring + - permanent + - in: query + name: name + schema: + type: string - name: ordering required: false in: query @@ -14447,6 +15794,11 @@ paths: description: A search term. schema: type: string + - in: query + name: stage_uuid + schema: + type: string + format: uuid tags: - stages security: @@ -14657,6 +16009,10 @@ paths: operationId: stages_deny_list description: DenyStage Viewset parameters: + - in: query + name: name + schema: + type: string - name: ordering required: false in: query @@ -14681,6 +16037,11 @@ paths: description: A search term. schema: type: string + - in: query + name: stage_uuid + schema: + type: string + format: uuid tags: - stages security: @@ -14891,6 +16252,10 @@ paths: operationId: stages_dummy_list description: DummyStage Viewset parameters: + - in: query + name: name + schema: + type: string - name: ordering required: false in: query @@ -14915,6 +16280,11 @@ paths: description: A search term. schema: type: string + - in: query + name: stage_uuid + schema: + type: string + format: uuid tags: - stages security: @@ -15125,6 +16495,18 @@ paths: operationId: stages_email_list description: EmailStage Viewset parameters: + - in: query + name: from_address + schema: + type: string + - in: query + name: host + schema: + type: string + - in: query + name: name + schema: + type: string - name: ordering required: false in: query @@ -15143,12 +16525,48 @@ paths: description: Number of results to return per page. schema: type: integer + - in: query + name: port + schema: + type: integer - name: search required: false in: query description: A search term. schema: type: string + - in: query + name: subject + schema: + type: string + - in: query + name: template + schema: + type: string + - in: query + name: timeout + schema: + type: integer + - in: query + name: token_expiry + schema: + type: integer + - in: query + name: use_global_settings + schema: + type: boolean + - in: query + name: use_ssl + schema: + type: boolean + - in: query + name: use_tls + schema: + type: boolean + - in: query + name: username + schema: + type: string tags: - stages security: @@ -15381,6 +16799,19 @@ paths: operationId: stages_identification_list description: IdentificationStage Viewset parameters: + - in: query + name: case_insensitive_matching + schema: + type: boolean + - in: query + name: enrollment_flow + schema: + type: string + format: uuid + - in: query + name: name + schema: + type: string - name: ordering required: false in: query @@ -15399,12 +16830,26 @@ paths: description: Number of results to return per page. schema: type: integer + - in: query + name: password_stage + schema: + type: string + format: uuid + - in: query + name: recovery_flow + schema: + type: string + format: uuid - name: search required: false in: query description: A search term. schema: type: string + - in: query + name: show_matched_user + schema: + type: boolean tags: - stages security: @@ -15856,6 +17301,14 @@ paths: operationId: stages_invitation_stages_list description: InvitationStage Viewset parameters: + - in: query + name: continue_flow_without_invitation + schema: + type: boolean + - in: query + name: name + schema: + type: string - name: ordering required: false in: query @@ -15880,6 +17333,11 @@ paths: description: A search term. schema: type: string + - in: query + name: stage_uuid + schema: + type: string + format: uuid tags: - stages security: @@ -16090,6 +17548,19 @@ paths: operationId: stages_password_list description: PasswordStage Viewset parameters: + - in: query + name: configure_flow + schema: + type: string + format: uuid + - in: query + name: failed_attempts_before_cancel + schema: + type: integer + - in: query + name: name + schema: + type: string - name: ordering required: false in: query @@ -16586,6 +18057,19 @@ paths: operationId: stages_prompt_stages_list description: PromptStage Viewset parameters: + - in: query + name: fields + schema: + type: array + items: + type: string + format: uuid + explode: true + style: form + - in: query + name: name + schema: + type: string - name: ordering required: false in: query @@ -16610,6 +18094,20 @@ paths: description: A search term. schema: type: string + - in: query + name: stage_uuid + schema: + type: string + format: uuid + - in: query + name: validation_policies + schema: + type: array + items: + type: string + format: uuid + explode: true + style: form tags: - stages security: @@ -16820,6 +18318,10 @@ paths: operationId: stages_user_delete_list description: UserDeleteStage Viewset parameters: + - in: query + name: name + schema: + type: string - name: ordering required: false in: query @@ -16844,6 +18346,11 @@ paths: description: A search term. schema: type: string + - in: query + name: stage_uuid + schema: + type: string + format: uuid tags: - stages security: @@ -17054,6 +18561,10 @@ paths: operationId: stages_user_login_list description: UserLoginStage Viewset parameters: + - in: query + name: name + schema: + type: string - name: ordering required: false in: query @@ -17078,6 +18589,15 @@ paths: description: A search term. schema: type: string + - in: query + name: session_duration + schema: + type: string + - in: query + name: stage_uuid + schema: + type: string + format: uuid tags: - stages security: @@ -17288,6 +18808,10 @@ paths: operationId: stages_user_logout_list description: UserLogoutStage Viewset parameters: + - in: query + name: name + schema: + type: string - name: ordering required: false in: query @@ -17312,6 +18836,11 @@ paths: description: A search term. schema: type: string + - in: query + name: stage_uuid + schema: + type: string + format: uuid tags: - stages security: @@ -17522,6 +19051,14 @@ paths: operationId: stages_user_write_list description: UserWriteStage Viewset parameters: + - in: query + name: create_users_as_inactive + schema: + type: boolean + - in: query + name: name + schema: + type: string - name: ordering required: false in: query @@ -17546,6 +19083,11 @@ paths: description: A search term. schema: type: string + - in: query + name: stage_uuid + schema: + type: string + format: uuid tags: - stages security: