providers/oauth2: add user UUID as subject option (#5556)

* providers/oauth2: add user UUID as subject option

* Added translations for new OAuth2 subject option
Michael OBrien 2023-05-10 08:50:13 -07:00 committed by GitHub
parent 1c04dc0986
commit eb071d4d90
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
15 changed files with 830 additions and 1026 deletions


@ -26,6 +26,7 @@ class SubModes(models.TextChoices):
HASHED_USER_ID = "hashed_user_id", _("Based on the Hashed User ID")
USER_ID = "user_id", _("Based on user ID")
USER_UUID = "user_uuid", _("Based on user UUID")
USER_USERNAME = "user_username", _("Based on the username")
USER_EMAIL = (
"user_email",
@ -96,6 +97,8 @@ class IDToken:
id_token.sub = token.user.uid
elif provider.sub_mode == SubModes.USER_ID:
id_token.sub = str(token.user.pk)
elif provider.sub_mode == SubModes.USER_UUID:
id_token.sub = str(token.user.uuid)
elif provider.sub_mode == SubModes.USER_EMAIL:
id_token.sub = token.user.email
elif provider.sub_mode == SubModes.USER_USERNAME:
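Review bot: The new `SubModes.USER_UUID` branch in `IDToken` carries no comment saying how this `sub` differs from the neighbouring modes, and the difference matters to relying parties that key accounts on `sub`. Unlike `user_email` and `user_username`, the UUID presumably stays fixed when a user is renamed and is never handed to another account, so I would add above the branch `# uuid does not change with username/email, so relying parties keep the same account mapping`. The choice label `_("Based on user UUID")` or the provider docs should also say that switching `sub_mode` on an existing provider changes the `sub` that relying parties see for existing users. No test for the new branch is visible in the sections shown on this page; one asserting `id_token.sub == str(user.uuid)` would pin the behaviour. The if/elif chain starts and ends outside the hunk, so the fall-through case is not visible here.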


@ -3653,6 +3653,7 @@
"enum": [
"hashed_user_id",
"user_id",
"user_uuid",
"user_username",
"user_email",
"user_upn"
@ -3766,6 +3767,7 @@
"enum": [
"hashed_user_id",
"user_id",
"user_uuid",
"user_username",
"user_email",
"user_upn"
@ -3957,6 +3959,7 @@
"enum": [
"hashed_user_id",
"user_id",
"user_uuid",
"user_username",
"user_email",
"user_upn"
@ -4152,6 +4155,7 @@
"enum": [
"hashed_user_id",
"user_id",
"user_uuid",
"user_username",
"user_email",
"user_upn"


@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2023-05-08 14:23+0000\n"
"POT-Creation-Date: 2023-05-09 18:53+0000\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@ -880,14 +880,18 @@ msgid "Based on user ID"
msgstr ""
#: authentik/providers/oauth2/id_token.py:29
msgid "Based on user UUID"
msgstr ""
#: authentik/providers/oauth2/id_token.py:30
msgid "Based on the username"
msgstr ""
#: authentik/providers/oauth2/id_token.py:32
#: authentik/providers/oauth2/id_token.py:33
msgid "Based on the User's Email. This is recommended over the UPN method."
msgstr ""
#: authentik/providers/oauth2/id_token.py:37
#: authentik/providers/oauth2/id_token.py:38
msgid ""
"Based on the User's UPN, only works if user has a 'upn' attribute set. Use "
"this method only if you have different UPN and Mail domains."


@ -14893,11 +14893,13 @@ paths:
- user_id
- user_upn
- user_username
- user_uuid
description: |-
Configure what data should be used as unique User Identifier. For most cases, the default should be fine.
* `hashed_user_id` - Based on the Hashed User ID
* `user_id` - Based on user ID
* `user_uuid` - Based on user UUID
* `user_username` - Based on the username
* `user_email` - Based on the User's Email. This is recommended over the UPN method.
* `user_upn` - Based on the User's UPN, only works if user has a 'upn' attribute set. Use this method only if you have different UPN and Mail domains.
@ -31547,6 +31549,7 @@ components:
* `hashed_user_id` - Based on the Hashed User ID
* `user_id` - Based on user ID
* `user_uuid` - Based on user UUID
* `user_username` - Based on the username
* `user_email` - Based on the User's Email. This is recommended over the UPN method.
* `user_upn` - Based on the User's UPN, only works if user has a 'upn' attribute set. Use this method only if you have different UPN and Mail domains.
@ -31651,6 +31654,7 @@ components:
* `hashed_user_id` - Based on the Hashed User ID
* `user_id` - Based on user ID
* `user_uuid` - Based on user UUID
* `user_username` - Based on the username
* `user_email` - Based on the User's Email. This is recommended over the UPN method.
* `user_upn` - Based on the User's UPN, only works if user has a 'upn' attribute set. Use this method only if you have different UPN and Mail domains.
@ -36546,6 +36550,7 @@ components:
* `hashed_user_id` - Based on the Hashed User ID
* `user_id` - Based on user ID
* `user_uuid` - Based on user UUID
* `user_username` - Based on the username
* `user_email` - Based on the User's Email. This is recommended over the UPN method.
* `user_upn` - Based on the User's UPN, only works if user has a 'upn' attribute set. Use this method only if you have different UPN and Mail domains.
@ -40466,6 +40471,7 @@ components:
enum:
- hashed_user_id
- user_id
- user_uuid
- user_username
- user_email
- user_upn
@ -40473,6 +40479,7 @@ components:
description: |-
* `hashed_user_id` - Based on the Hashed User ID
* `user_id` - Based on user ID
* `user_uuid` - Based on user UUID
* `user_username` - Based on the username
* `user_email` - Based on the User's Email. This is recommended over the UPN method.
* `user_upn` - Based on the User's UPN, only works if user has a 'upn' attribute set. Use this method only if you have different UPN and Mail domains.


@ -378,6 +378,10 @@ ${this.instance?.redirectUris}</textarea
label: t`Based on the User's ID`,
value: SubModeEnum.UserId,
},
{
label: t`Based on the User's UUID`,
value: SubModeEnum.UserUuid,
},
{
label: t`Based on the User's username`,
value: SubModeEnum.UserUsername,


@ -988,6 +988,10 @@ msgstr ""
msgid "Based on the User's username"
msgstr ""
#: src/admin/providers/oauth2/OAuth2ProviderForm.ts
msgid "Based on the User's UUID"
msgstr ""
#: src/admin/providers/oauth2/OAuth2ProviderForm.ts
#~ msgid "Based on the username"
#~ msgstr "Basierend auf dem Benutzernamen"


@ -980,6 +980,10 @@ msgstr "Based on the User's UPN"
msgid "Based on the User's username"
msgstr "Based on the User's username"
#: src/admin/providers/oauth2/OAuth2ProviderForm.ts
msgid "Based on the User's UUID"
msgstr "Based on the User's UUID"
#: src/admin/providers/oauth2/OAuth2ProviderForm.ts
#~ msgid "Based on the username"
#~ msgstr "Based on the username"


@ -966,6 +966,10 @@ msgstr ""
msgid "Based on the User's username"
msgstr ""
#: src/admin/providers/oauth2/OAuth2ProviderForm.ts
msgid "Based on the User's UUID"
msgstr ""
#: src/admin/providers/oauth2/OAuth2ProviderForm.ts
#~ msgid "Based on the username"
#~ msgstr "Basado en el nombre de usuario"


@ -971,6 +971,10 @@ msgstr ""
msgid "Based on the User's username"
msgstr ""
#: src/admin/providers/oauth2/OAuth2ProviderForm.ts
msgid "Based on the User's UUID"
msgstr ""
#: src/admin/providers/oauth2/OAuth2ProviderForm.ts
#~ msgid "Based on the username"
#~ msgstr "Basé sur le nom d'utilisateur"


@ -970,6 +970,10 @@ msgstr ""
msgid "Based on the User's username"
msgstr ""
#: src/admin/providers/oauth2/OAuth2ProviderForm.ts
msgid "Based on the User's UUID"
msgstr ""
#: src/admin/providers/oauth2/OAuth2ProviderForm.ts
#~ msgid "Based on the username"
#~ msgstr "Na podstawie nazwy użytkownika"


@ -972,6 +972,10 @@ msgstr ""
msgid "Based on the User's username"
msgstr ""
#: src/admin/providers/oauth2/OAuth2ProviderForm.ts
msgid "Based on the User's UUID"
msgstr ""
#: src/admin/providers/oauth2/OAuth2ProviderForm.ts
#~ msgid "Based on the username"
#~ msgstr ""


@ -966,6 +966,10 @@ msgstr ""
msgid "Based on the User's username"
msgstr ""
#: src/admin/providers/oauth2/OAuth2ProviderForm.ts
msgid "Based on the User's UUID"
msgstr ""
#: src/admin/providers/oauth2/OAuth2ProviderForm.ts
#~ msgid "Based on the username"
#~ msgstr "Kullanıcı adına göre"



@ -972,6 +972,10 @@ msgstr ""
msgid "Based on the User's username"
msgstr ""
#: src/admin/providers/oauth2/OAuth2ProviderForm.ts
msgid "Based on the User's UUID"
msgstr ""
#: src/admin/providers/oauth2/OAuth2ProviderForm.ts
#~ msgid "Based on the username"
#~ msgstr "基于用户名"


@ -972,6 +972,10 @@ msgstr ""
msgid "Based on the User's username"
msgstr ""
#: src/admin/providers/oauth2/OAuth2ProviderForm.ts
msgid "Based on the User's UUID"
msgstr ""
#: src/admin/providers/oauth2/OAuth2ProviderForm.ts
#~ msgid "Based on the username"
#~ msgstr "基于用户名"