providers/proxy: start implementing basic_auth_enabled

see #244
This commit is contained in:
Jens Langhammer 2020-09-30 11:15:17 +02:00
parent 02f5f12089
commit 9d5dd896f3
4 changed files with 66 additions and 2 deletions

View file

@ -57,6 +57,9 @@ class ProxyProviderSerializer(ModelSerializer):
"internal_host_ssl_validation",
"certificate",
"skip_path_regex",
"basic_auth_enabled",
"basic_auth_password_attribute",
"basic_auth_user_attribute",
]
@ -97,6 +100,9 @@ class ProxyOutpostConfigSerializer(ModelSerializer):
"cookie_secret",
"certificate",
"skip_path_regex",
"basic_auth_enabled",
"basic_auth_password_attribute",
"basic_auth_user_attribute",
]
@swagger_serializer_method(serializer_or_field=OpenIDConnectConfigurationSerializer)

View file

@ -37,9 +37,14 @@ class ProxyProviderForm(forms.ModelForm):
"external_host",
"certificate",
"skip_path_regex",
"basic_auth_enabled",
"basic_auth_user_attribute",
"basic_auth_password_attribute",
]
widgets = {
"name": forms.TextInput(),
"internal_host": forms.TextInput(),
"external_host": forms.TextInput(),
"basic_auth_user_attribute": forms.TextInput(),
"basic_auth_password_attribute": forms.TextInput(),
}

View file

@ -66,6 +66,31 @@ class ProxyProvider(OutpostModel, OAuth2Provider):
),
)
basic_auth_enabled = models.BooleanField(
default=False,
verbose_name=_("Set HTTP-Basic Authentication"),
help_text=_(
"Set a custom HTTP-Basic Authentication header based on values from passbook."
),
)
basic_auth_user_attribute = models.TextField(
blank=True,
verbose_name=_("HTTP-Basic Username"),
help_text=_(
(
"User Attribute used for the user part of the HTTP-Basic Header. "
"If not set, the user's Email address is used."
)
),
)
basic_auth_password_attribute = models.TextField(
blank=True,
verbose_name=_("HTTP-Basic Password"),
help_text=_(
("User Attribute used for the password part of the HTTP-Basic Header.")
),
)
certificate = models.ForeignKey(
CertificateKeyPair, on_delete=models.SET_NULL, null=True, blank=True,
)

View file

@ -6216,7 +6216,7 @@ definitions:
type: string
minLength: 1
internal_host_ssl_validation:
title: Internal host ssl validation
title: Internal host SSL Validation
description: Validate SSL Certificates of upstream servers
type: boolean
client_id:
@ -6244,6 +6244,20 @@ definitions:
description: Regular expressions for which authentication is not required.
Each new line is interpreted as a new Regular Expression.
type: string
basic_auth_enabled:
title: Set HTTP-Basic Authentication
description: Set a custom HTTP-Basic Authentication header based on values
from passbook.
type: boolean
basic_auth_password_attribute:
title: HTTP-Basic Password
description: User Attribute used for the password part of the HTTP-Basic Header.
type: string
basic_auth_user_attribute:
title: HTTP-Basic Username
description: User Attribute used for the user part of the HTTP-Basic Header.
If not set, the user's Email address is used.
type: string
Policy:
type: object
properties:
@ -6705,7 +6719,7 @@ definitions:
type: string
minLength: 1
internal_host_ssl_validation:
title: Internal host ssl validation
title: Internal host SSL Validation
description: Validate SSL Certificates of upstream servers
type: boolean
certificate:
@ -6718,6 +6732,20 @@ definitions:
description: Regular expressions for which authentication is not required.
Each new line is interpreted as a new Regular Expression.
type: string
basic_auth_enabled:
title: Set HTTP-Basic Authentication
description: Set a custom HTTP-Basic Authentication header based on values
from passbook.
type: boolean
basic_auth_password_attribute:
title: HTTP-Basic Password
description: User Attribute used for the password part of the HTTP-Basic Header.
type: string
basic_auth_user_attribute:
title: HTTP-Basic Username
description: User Attribute used for the user part of the HTTP-Basic Header.
If not set, the user's Email address is used.
type: string
SAMLProvider:
required:
- name