outposts/ldap: use authorization_flow instead of separate field

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer 2021-04-26 14:46:29 +02:00
parent b35d9ae8b0
commit b3c8ffb96c
8 changed files with 16 additions and 36 deletions

View file

@ -14,7 +14,6 @@ class LDAPProviderSerializer(ProviderSerializer):
model = LDAPProvider
fields = ProviderSerializer.Meta.fields + [
"bind_flow",
"base_dn",
]
@ -31,7 +30,7 @@ class LDAPOutpostConfigSerializer(ModelSerializer):
"""LDAPProvider Serializer"""
application_slug = CharField(source="application.slug")
bind_flow_slug = CharField(source="bind_flow.slug")
bind_flow_slug = CharField(source="authorization_flow.slug")
class Meta:

View file

@ -1,4 +1,4 @@
# Generated by Django 3.2 on 2021-04-26 09:51
# Generated by Django 3.2 on 2021-04-26 12:45
import django.db.models.deletion
from django.db import migrations, models
@ -10,7 +10,6 @@ class Migration(migrations.Migration):
dependencies = [
("authentik_core", "0019_source_managed"),
("authentik_flows", "0018_oob_flows"),
]
operations = [
@ -35,21 +34,11 @@ class Migration(migrations.Migration):
help_text="DN under which objects are accessible.",
),
),
(
"bind_flow",
models.ForeignKey(
default=None,
help_text="Flow which is used to bind users. When left empty, no users will be able to bind.",
null=True,
on_delete=django.db.models.deletion.SET_DEFAULT,
to="authentik_flows.flow",
),
),
],
options={
"verbose_name": "LDAP Provider",
"verbose_name_plural": "LDAP Providers",
},
bases=("authentik_core.provider",),
bases=("authentik_core.provider", models.Model),
),
]

View file

@ -18,16 +18,6 @@ class LDAPProvider(OutpostModel, Provider):
help_text=_("DN under which objects are accessible."),
)
bind_flow = models.ForeignKey(
Flow,
null=True,
default=None,
on_delete=models.SET_DEFAULT,
help_text=_(
"Flow which is used to bind users. When left empty, no users will be able to bind."
),
)
@property
def launch_url(self) -> Optional[str]:
"""LDAP never has a launch URL"""

View file

@ -37,7 +37,7 @@ func (ls *LDAPServer) Refresh() error {
}
func (ls *LDAPServer) Start() error {
listen := "127.0.0.1:3390"
listen := "0.0.0.0:3389"
log.Debugf("Listening on %s", listen)
err := ls.s.ListenAndServe(listen)
if err != nil {

View file

@ -6,7 +6,6 @@ COPY . .
RUN go build -o /work/proxy ./cmd/proxy
# Copy binary to alpine
FROM gcr.io/distroless/base-debian10:debug
COPY --from=builder /work/proxy /

View file

@ -17101,13 +17101,6 @@ definitions:
title: Verbose name plural
type: string
readOnly: true
bind_flow:
title: Bind flow
description: Flow which is used to bind users. When left empty, no users will
be able to bind.
type: string
format: uuid
x-nullable: true
base_dn:
title: Base dn
description: DN under which objects are accessible.

View file

@ -89,6 +89,16 @@ export class OutpostForm extends Form<Outpost> {
return html`<option value=${ifDefined(provider.pk)} ?selected=${selected}>${provider.verboseName} ${provider.name}</option>`;
});
}), html`<option>${t`Loading...`}</option>`)}
${until(new ProvidersApi(DEFAULT_CONFIG).providersLdapList({
ordering: "pk"
}).then(providers => {
return providers.results.map(provider => {
const selected = Array.from(this.outpost?.providers || []).some(sp => {
return sp == provider.pk;
});
return html`<option value=${ifDefined(provider.pk)} ?selected=${selected}>${provider.verboseName} ${provider.name}</option>`;
});
}), html`<option>${t`Loading...`}</option>`)}
</select>
<p class="pf-c-form__helper-text">${t`Hold control/command to select multiple items.`}</p>
</ak-form-element-horizontal>

View file

@ -56,14 +56,14 @@ export class LDAPProviderFormPage extends Form<LDAPProvider> {
<ak-form-element-horizontal
label=${t`Bind flow`}
?required=${true}
name="bindFlow">
name="authorizationFlow">
<select class="pf-c-form-control">
${until(new FlowsApi(DEFAULT_CONFIG).flowsInstancesList({
ordering: "pk",
designation: FlowDesignationEnum.Authentication,
}).then(flows => {
return flows.results.map(flow => {
return html`<option value=${ifDefined(flow.pk)} ?selected=${this.provider?.bindFlow === flow.pk}>${flow.name} (${flow.slug})</option>`;
return html`<option value=${ifDefined(flow.pk)} ?selected=${this.provider?.authorizationFlow === flow.pk}>${flow.name} (${flow.slug})</option>`;
});
}), html`<option>${t`Loading...`}</option>`)}
</select>