admin: remove provider views
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
parent
5eb9b95ab5
commit
b4a6f8350b
|
@ -1,7 +1,7 @@
|
|||
"""authentik URL Configuration"""
|
||||
from django.urls import path
|
||||
|
||||
from authentik.admin.views import policies, providers, sources, stages
|
||||
from authentik.admin.views import policies, sources, stages
|
||||
|
||||
urlpatterns = [
|
||||
# Sources
|
||||
|
@ -18,17 +18,6 @@ urlpatterns = [
|
|||
policies.PolicyUpdateView.as_view(),
|
||||
name="policy-update",
|
||||
),
|
||||
# Providers
|
||||
path(
|
||||
"providers/create/",
|
||||
providers.ProviderCreateView.as_view(),
|
||||
name="provider-create",
|
||||
),
|
||||
path(
|
||||
"providers/<int:pk>/update/",
|
||||
providers.ProviderUpdateView.as_view(),
|
||||
name="provider-update",
|
||||
),
|
||||
# Stages
|
||||
path("stages/create/", stages.StageCreateView.as_view(), name="stage-create"),
|
||||
path(
|
||||
|
|
|
@ -1,41 +0,0 @@
|
|||
"""authentik Provider administration"""
|
||||
from django.contrib.auth.mixins import LoginRequiredMixin
|
||||
from django.contrib.auth.mixins import (
|
||||
PermissionRequiredMixin as DjangoPermissionRequiredMixin,
|
||||
)
|
||||
from django.contrib.messages.views import SuccessMessageMixin
|
||||
from django.utils.translation import gettext as _
|
||||
from guardian.mixins import PermissionRequiredMixin
|
||||
|
||||
from authentik.admin.views.utils import InheritanceCreateView, InheritanceUpdateView
|
||||
from authentik.core.models import Provider
|
||||
|
||||
|
||||
class ProviderCreateView(
|
||||
SuccessMessageMixin,
|
||||
LoginRequiredMixin,
|
||||
DjangoPermissionRequiredMixin,
|
||||
InheritanceCreateView,
|
||||
):
|
||||
"""Create new Provider"""
|
||||
|
||||
model = Provider
|
||||
permission_required = "authentik_core.add_provider"
|
||||
success_url = "/"
|
||||
template_name = "generic/create.html"
|
||||
success_message = _("Successfully created Provider")
|
||||
|
||||
|
||||
class ProviderUpdateView(
|
||||
SuccessMessageMixin,
|
||||
LoginRequiredMixin,
|
||||
PermissionRequiredMixin,
|
||||
InheritanceUpdateView,
|
||||
):
|
||||
"""Update provider"""
|
||||
|
||||
model = Provider
|
||||
permission_required = "authentik_core.change_provider"
|
||||
success_url = "/"
|
||||
template_name = "generic/update.html"
|
||||
success_message = _("Successfully updated Provider")
|
|
@ -1,5 +1,4 @@
|
|||
"""Provider API Views"""
|
||||
from django.urls import reverse
|
||||
from django.utils.translation import gettext_lazy as _
|
||||
from drf_yasg.utils import swagger_auto_schema
|
||||
from rest_framework import mixins
|
||||
|
@ -34,7 +33,6 @@ class ProviderSerializer(ModelSerializer, MetaNameSerializer):
|
|||
fields = [
|
||||
"pk",
|
||||
"name",
|
||||
"application",
|
||||
"authorization_flow",
|
||||
"property_mappings",
|
||||
"object_type",
|
||||
|
@ -76,15 +74,14 @@ class ProviderViewSet(
|
|||
{
|
||||
"name": verbose_name(subclass),
|
||||
"description": subclass.__doc__,
|
||||
"link": reverse("authentik_admin:provider-create")
|
||||
+ f"?type={subclass.__name__}",
|
||||
"link": subclass().component,
|
||||
}
|
||||
)
|
||||
data.append(
|
||||
{
|
||||
"name": _("SAML Provider from Metadata"),
|
||||
"description": _("Create a SAML Provider by importing its Metadata."),
|
||||
"link": reverse("authentik_admin:provider-saml-from-metadata"),
|
||||
"link": "ak-provider-saml-import-form",
|
||||
}
|
||||
)
|
||||
return Response(TypeCreateSerializer(data, many=True).data)
|
||||
|
|
|
@ -188,8 +188,8 @@ class Provider(SerializerModel):
|
|||
return None
|
||||
|
||||
@property
|
||||
def form(self) -> Type[ModelForm]:
|
||||
"""Return Form class used to edit this object"""
|
||||
def component(self) -> str:
|
||||
"""Return component used to edit this object"""
|
||||
raise NotImplementedError
|
||||
|
||||
@property
|
||||
|
|
|
@ -1,75 +0,0 @@
|
|||
"""authentik OAuth2 Provider Forms"""
|
||||
|
||||
from django import forms
|
||||
from django.core.exceptions import ValidationError
|
||||
from django.utils.translation import gettext as _
|
||||
|
||||
from authentik.crypto.models import CertificateKeyPair
|
||||
from authentik.flows.models import Flow, FlowDesignation
|
||||
from authentik.providers.oauth2.generators import (
|
||||
generate_client_id,
|
||||
generate_client_secret,
|
||||
)
|
||||
from authentik.providers.oauth2.models import (
|
||||
JWTAlgorithms,
|
||||
OAuth2Provider,
|
||||
ScopeMapping,
|
||||
)
|
||||
|
||||
|
||||
class OAuth2ProviderForm(forms.ModelForm):
|
||||
"""OAuth2 Provider form"""
|
||||
|
||||
def __init__(self, *args, **kwargs):
|
||||
super().__init__(*args, **kwargs)
|
||||
self.fields["authorization_flow"].queryset = Flow.objects.filter(
|
||||
designation=FlowDesignation.AUTHORIZATION
|
||||
)
|
||||
self.fields["client_id"].initial = generate_client_id()
|
||||
self.fields["client_secret"].initial = generate_client_secret()
|
||||
self.fields["rsa_key"].queryset = CertificateKeyPair.objects.exclude(
|
||||
key_data__exact=""
|
||||
)
|
||||
self.fields["property_mappings"].queryset = ScopeMapping.objects.all()
|
||||
|
||||
def clean_jwt_alg(self):
|
||||
"""Ensure that when RS256 is selected, a certificate-key-pair is selected"""
|
||||
if (
|
||||
self.data["rsa_key"] == ""
|
||||
and self.cleaned_data["jwt_alg"] == JWTAlgorithms.RS256
|
||||
):
|
||||
raise ValidationError(
|
||||
_("RS256 requires a Certificate-Key-Pair to be selected.")
|
||||
)
|
||||
return self.cleaned_data["jwt_alg"]
|
||||
|
||||
class Meta:
|
||||
model = OAuth2Provider
|
||||
fields = [
|
||||
"name",
|
||||
"authorization_flow",
|
||||
"client_type",
|
||||
"client_id",
|
||||
"client_secret",
|
||||
"token_validity",
|
||||
"jwt_alg",
|
||||
"property_mappings",
|
||||
"rsa_key",
|
||||
"redirect_uris",
|
||||
"sub_mode",
|
||||
"include_claims_in_id_token",
|
||||
"issuer_mode",
|
||||
]
|
||||
widgets = {
|
||||
"name": forms.TextInput(),
|
||||
"token_validity": forms.TextInput(),
|
||||
}
|
||||
labels = {"property_mappings": _("Scopes")}
|
||||
help_texts = {
|
||||
"property_mappings": _(
|
||||
(
|
||||
"Select which scopes <b>can</b> be used by the client. "
|
||||
"The client stil has to specify the scope to access the data."
|
||||
)
|
||||
)
|
||||
}
|
|
@ -13,7 +13,6 @@ from uuid import uuid4
|
|||
from dacite import from_dict
|
||||
from django.conf import settings
|
||||
from django.db import models
|
||||
from django.forms import ModelForm
|
||||
from django.http import HttpRequest
|
||||
from django.utils import dateformat, timezone
|
||||
from django.utils.translation import gettext_lazy as _
|
||||
|
@ -283,18 +282,16 @@ class OAuth2Provider(Provider):
|
|||
launch_url = urlparse(main_url)
|
||||
return main_url.replace(launch_url.path, "")
|
||||
|
||||
@property
|
||||
def component(self) -> str:
|
||||
return "ak-provider-oauth2-form"
|
||||
|
||||
@property
|
||||
def serializer(self) -> Type[Serializer]:
|
||||
from authentik.providers.oauth2.api.provider import OAuth2ProviderSerializer
|
||||
|
||||
return OAuth2ProviderSerializer
|
||||
|
||||
@property
|
||||
def form(self) -> Type[ModelForm]:
|
||||
from authentik.providers.oauth2.forms import OAuth2ProviderForm
|
||||
|
||||
return OAuth2ProviderForm
|
||||
|
||||
def __str__(self):
|
||||
return f"OAuth2 Provider {self.name}"
|
||||
|
||||
|
|
|
@ -1,50 +0,0 @@
|
|||
"""authentik Proxy Provider Forms"""
|
||||
from django import forms
|
||||
|
||||
from authentik.crypto.models import CertificateKeyPair
|
||||
from authentik.flows.models import Flow, FlowDesignation
|
||||
from authentik.providers.proxy.models import ProxyProvider
|
||||
|
||||
|
||||
class ProxyProviderForm(forms.ModelForm):
|
||||
"""Proxy Provider form"""
|
||||
|
||||
instance: ProxyProvider
|
||||
|
||||
def __init__(self, *args, **kwargs):
|
||||
super().__init__(*args, **kwargs)
|
||||
self.fields["authorization_flow"].queryset = Flow.objects.filter(
|
||||
designation=FlowDesignation.AUTHORIZATION
|
||||
)
|
||||
self.fields["certificate"].queryset = CertificateKeyPair.objects.filter(
|
||||
key_data__isnull=False
|
||||
).exclude(key_data="")
|
||||
|
||||
def save(self, *args, **kwargs):
|
||||
actual_save = super().save(*args, **kwargs)
|
||||
self.instance.set_oauth_defaults()
|
||||
self.instance.save()
|
||||
return actual_save
|
||||
|
||||
class Meta:
|
||||
|
||||
model = ProxyProvider
|
||||
fields = [
|
||||
"name",
|
||||
"authorization_flow",
|
||||
"internal_host",
|
||||
"internal_host_ssl_validation",
|
||||
"external_host",
|
||||
"certificate",
|
||||
"skip_path_regex",
|
||||
"basic_auth_enabled",
|
||||
"basic_auth_user_attribute",
|
||||
"basic_auth_password_attribute",
|
||||
]
|
||||
widgets = {
|
||||
"name": forms.TextInput(),
|
||||
"internal_host": forms.TextInput(),
|
||||
"external_host": forms.TextInput(),
|
||||
"basic_auth_user_attribute": forms.TextInput(),
|
||||
"basic_auth_password_attribute": forms.TextInput(),
|
||||
}
|
|
@ -5,7 +5,6 @@ from typing import Iterable, Optional, Type
|
|||
from urllib.parse import urljoin
|
||||
|
||||
from django.db import models
|
||||
from django.forms import ModelForm
|
||||
from django.utils.translation import gettext as _
|
||||
from rest_framework.serializers import Serializer
|
||||
|
||||
|
@ -102,10 +101,8 @@ class ProxyProvider(OutpostModel, OAuth2Provider):
|
|||
cookie_secret = models.TextField(default=get_cookie_secret)
|
||||
|
||||
@property
|
||||
def form(self) -> Type[ModelForm]:
|
||||
from authentik.providers.proxy.forms import ProxyProviderForm
|
||||
|
||||
return ProxyProviderForm
|
||||
def component(self) -> str:
|
||||
return "ak-provider-proxy-form"
|
||||
|
||||
@property
|
||||
def serializer(self) -> Type[Serializer]:
|
||||
|
|
Reference in a new issue