diff --git a/authentik/api/auth.py b/authentik/api/auth.py index 8fa5ca963..412b69d5e 100644 --- a/authentik/api/auth.py +++ b/authentik/api/auth.py @@ -59,10 +59,13 @@ class AuthentikTokenAuthentication(BaseAuthentication): class TokenSchema(OpenApiAuthenticationExtension): + """Auth schema""" + target_class = AuthentikTokenAuthentication name = "authentik" def get_security_definition(self, auto_schema): + """Auth schema""" return { "type": "apiKey", "in": "header", diff --git a/authentik/api/templates/api/swagger.html b/authentik/api/templates/api/browser.html similarity index 100% rename from authentik/api/templates/api/swagger.html rename to authentik/api/templates/api/browser.html diff --git a/authentik/api/tests/test_schema.py b/authentik/api/tests/test_schema.py new file mode 100644 index 000000000..d86597d96 --- /dev/null +++ b/authentik/api/tests/test_schema.py @@ -0,0 +1,22 @@ +"""Schema generation tests""" +from django.urls import reverse +from rest_framework.test import APITestCase +from yaml import safe_load + + +class TestSchemaGeneration(APITestCase): + """Generic admin tests""" + + def test_schema(self): + """Test generation""" + response = self.client.get( + reverse("authentik_api:schema"), + ) + self.assertTrue(safe_load(response.content.decode())) + + def test_browser(self): + """Test API Browser""" + response = self.client.get( + reverse("authentik_api:schema-browser"), + ) + self.assertEqual(response.status_code, 200) diff --git a/authentik/api/tests/test_swagger.py b/authentik/api/tests/test_swagger.py deleted file mode 100644 index 7857248ce..000000000 --- a/authentik/api/tests/test_swagger.py +++ /dev/null @@ -1,31 +0,0 @@ -"""Swagger generation tests""" -from json import loads - -from django.urls import reverse -from rest_framework.test import APITestCase -from yaml import safe_load - - -class TestSwaggerGeneration(APITestCase): - """Generic admin tests""" - - def test_yaml(self): - """Test YAML generation""" - response = self.client.get( - reverse("authentik_api:schema-json", kwargs={"format": ".yaml"}), - ) - self.assertTrue(safe_load(response.content.decode())) - - def test_json(self): - """Test JSON generation""" - response = self.client.get( - reverse("authentik_api:schema-json", kwargs={"format": ".json"}), - ) - self.assertTrue(loads(response.content.decode())) - - def test_browser(self): - """Test API Browser""" - response = self.client.get( - reverse("authentik_api:swagger"), - ) - self.assertEqual(response.status_code, 200) diff --git a/authentik/api/v2/urls.py b/authentik/api/v2/urls.py index ce2a5b128..70131035a 100644 --- a/authentik/api/v2/urls.py +++ b/authentik/api/v2/urls.py @@ -1,8 +1,7 @@ """api v2 urls""" -from django.urls import path, re_path +from django.urls import path from drf_spectacular.views import SpectacularAPIView from rest_framework import routers -from rest_framework.permissions import AllowAny from authentik.admin.api.meta import AppsViewSet from authentik.admin.api.metrics import AdministrationMetricsViewSet @@ -10,7 +9,7 @@ from authentik.admin.api.tasks import TaskViewSet from authentik.admin.api.version import VersionViewSet from authentik.admin.api.workers import WorkerViewSet from authentik.api.v2.config import ConfigsViewSet -from authentik.api.views import SwaggerView +from authentik.api.views import APIBrowserView from authentik.core.api.applications import ApplicationViewSet from authentik.core.api.groups import GroupViewSet from authentik.core.api.propertymappings import PropertyMappingViewSet @@ -197,7 +196,7 @@ router.register("policies/dummy", DummyPolicyViewSet) urlpatterns = ( [ - path("", SwaggerView.as_view(), name="swagger"), + path("", APIBrowserView.as_view(), name="schema-browser"), ] + router.urls + [ diff --git a/authentik/api/views.py b/authentik/api/views.py index 736586cd7..36193ed17 100644 --- a/authentik/api/views.py +++ b/authentik/api/views.py @@ -5,10 +5,10 @@ from django.urls import reverse from django.views.generic import TemplateView -class SwaggerView(TemplateView): - """Show swagger view based on rapi-doc""" +class APIBrowserView(TemplateView): + """Show browser view based on rapi-doc""" - template_name = "api/swagger.html" + template_name = "api/browser.html" def get_context_data(self, **kwargs: Any) -> dict[str, Any]: path = self.request.build_absolute_uri( diff --git a/authentik/providers/oauth2/api/provider.py b/authentik/providers/oauth2/api/provider.py index cf239b4a4..db95e393e 100644 --- a/authentik/providers/oauth2/api/provider.py +++ b/authentik/providers/oauth2/api/provider.py @@ -1,5 +1,4 @@ """OAuth2Provider API Views""" -from django.db.models.base import Model from django.urls import reverse from django.utils.translation import gettext_lazy as _ from drf_spectacular.utils import OpenApiResponse, extend_schema diff --git a/authentik/providers/saml/api.py b/authentik/providers/saml/api.py index 65222ca4d..804f4b919 100644 --- a/authentik/providers/saml/api.py +++ b/authentik/providers/saml/api.py @@ -6,12 +6,7 @@ from django.http.response import HttpResponse from django.shortcuts import get_object_or_404 from django.utils.translation import gettext_lazy as _ from drf_spectacular.types import OpenApiTypes -from drf_spectacular.utils import ( - OpenApiParameter, - OpenApiResponse, - extend_schema, - extend_schema_field, -) +from drf_spectacular.utils import OpenApiParameter, OpenApiResponse, extend_schema from rest_framework.decorators import action from rest_framework.fields import CharField, FileField, ReadOnlyField from rest_framework.parsers import MultiPartParser diff --git a/authentik/root/settings.py b/authentik/root/settings.py index 367053f68..8b4280026 100644 --- a/authentik/root/settings.py +++ b/authentik/root/settings.py @@ -152,7 +152,9 @@ SPECTACULAR_SETTINGS = { "url": "https://github.com/goauthentik/authentik/blob/master/LICENSE", }, "ENUM_NAME_OVERRIDES": { - "ChallengeChoices": "authentik.flows.challenge.ChallengeTypes" + "ChallengeChoices": "authentik.flows.challenge.ChallengeTypes", + "FlowDesignationEnum": "authentik.flows.models.FlowDesignation", + "PolicyEngineMode": "authentik.policies.models.PolicyEngineMode", }, "ENUM_ADD_EXPLICIT_BLANK_NULL_CHOICE": False, } diff --git a/schema.yml b/schema.yml index 586d6aa27..aa4dda159 100644 --- a/schema.yml +++ b/schema.yml @@ -13457,7 +13457,7 @@ components: meta_publisher: type: string policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineModeEnum' + $ref: '#/components/schemas/PolicyEngineMode' required: - launch_url - name @@ -13492,7 +13492,7 @@ components: meta_publisher: type: string policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineModeEnum' + $ref: '#/components/schemas/PolicyEngineMode' required: - name - slug @@ -14073,16 +14073,6 @@ components: $ref: '#/components/schemas/FlowRequest' required: - name - DesignationEnum: - enum: - - authentication - - authorization - - invalidation - - enrollment - - unenrollment - - recovery - - stage_configuration - type: string DeviceClassesEnum: enum: - static @@ -14658,7 +14648,7 @@ components: description: Shown as the Title in Flow pages. designation: allOf: - - $ref: '#/components/schemas/DesignationEnum' + - $ref: '#/components/schemas/FlowDesignationEnum' description: Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. background: @@ -14681,7 +14671,7 @@ components: type: integer readOnly: true policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineModeEnum' + $ref: '#/components/schemas/PolicyEngineMode' required: - cache_count - designation @@ -14692,6 +14682,16 @@ components: - slug - stages - title + FlowDesignationEnum: + enum: + - authentication + - authorization + - invalidation + - enrollment + - unenrollment + - recovery + - stage_configuration + type: string FlowDiagram: type: object description: response of the flow's diagram action @@ -14717,7 +14717,7 @@ components: description: Shown as the Title in Flow pages. designation: allOf: - - $ref: '#/components/schemas/DesignationEnum' + - $ref: '#/components/schemas/FlowDesignationEnum' description: Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. background: @@ -14725,7 +14725,7 @@ components: format: binary description: Background shown during execution policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineModeEnum' + $ref: '#/components/schemas/PolicyEngineMode' required: - designation - name @@ -14766,7 +14766,7 @@ components: maximum: 2147483647 minimum: -2147483648 policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineModeEnum' + $ref: '#/components/schemas/PolicyEngineMode' required: - order - pk @@ -14796,7 +14796,7 @@ components: maximum: 2147483647 minimum: -2147483648 policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineModeEnum' + $ref: '#/components/schemas/PolicyEngineMode' required: - order - stage @@ -15429,7 +15429,7 @@ components: type: string readOnly: true policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineModeEnum' + $ref: '#/components/schemas/PolicyEngineMode' user_matching_mode: allOf: - $ref: '#/components/schemas/UserMatchingModeEnum' @@ -15523,7 +15523,7 @@ components: nullable: true description: Flow to use when enrolling new users. policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineModeEnum' + $ref: '#/components/schemas/PolicyEngineMode' user_matching_mode: allOf: - $ref: '#/components/schemas/UserMatchingModeEnum' @@ -16020,7 +16020,7 @@ components: type: string readOnly: true policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineModeEnum' + $ref: '#/components/schemas/PolicyEngineMode' user_matching_mode: allOf: - $ref: '#/components/schemas/UserMatchingModeEnum' @@ -16095,7 +16095,7 @@ components: nullable: true description: Flow to use when enrolling new users. policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineModeEnum' + $ref: '#/components/schemas/PolicyEngineMode' user_matching_mode: allOf: - $ref: '#/components/schemas/UserMatchingModeEnum' @@ -18228,7 +18228,7 @@ components: meta_publisher: type: string policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineModeEnum' + $ref: '#/components/schemas/PolicyEngineMode' PatchedAuthenticateWebAuthnStageRequest: type: object description: AuthenticateWebAuthnStage Serializer @@ -18526,7 +18526,7 @@ components: description: Shown as the Title in Flow pages. designation: allOf: - - $ref: '#/components/schemas/DesignationEnum' + - $ref: '#/components/schemas/FlowDesignationEnum' description: Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. background: @@ -18534,7 +18534,7 @@ components: format: binary description: Background shown during execution policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineModeEnum' + $ref: '#/components/schemas/PolicyEngineMode' PatchedFlowStageBindingRequest: type: object description: FlowStageBinding Serializer @@ -18557,7 +18557,7 @@ components: maximum: 2147483647 minimum: -2147483648 policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineModeEnum' + $ref: '#/components/schemas/PolicyEngineMode' PatchedGroupRequest: type: object description: Group Serializer @@ -18755,7 +18755,7 @@ components: nullable: true description: Flow to use when enrolling new users. policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineModeEnum' + $ref: '#/components/schemas/PolicyEngineMode' user_matching_mode: allOf: - $ref: '#/components/schemas/UserMatchingModeEnum' @@ -18951,7 +18951,7 @@ components: nullable: true description: Flow to use when enrolling new users. policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineModeEnum' + $ref: '#/components/schemas/PolicyEngineMode' user_matching_mode: allOf: - $ref: '#/components/schemas/UserMatchingModeEnum' @@ -19111,7 +19111,7 @@ components: nullable: true description: Flow to use when enrolling new users. policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineModeEnum' + $ref: '#/components/schemas/PolicyEngineMode' user_matching_mode: allOf: - $ref: '#/components/schemas/UserMatchingModeEnum' @@ -19391,7 +19391,7 @@ components: nullable: true description: Flow to use when enrolling new users. policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineModeEnum' + $ref: '#/components/schemas/PolicyEngineMode' user_matching_mode: allOf: - $ref: '#/components/schemas/UserMatchingModeEnum' @@ -19655,7 +19655,7 @@ components: type: string readOnly: true policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineModeEnum' + $ref: '#/components/schemas/PolicyEngineMode' user_matching_mode: allOf: - $ref: '#/components/schemas/UserMatchingModeEnum' @@ -19708,7 +19708,7 @@ components: nullable: true description: Flow to use when enrolling new users. policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineModeEnum' + $ref: '#/components/schemas/PolicyEngineMode' user_matching_mode: allOf: - $ref: '#/components/schemas/UserMatchingModeEnum' @@ -19859,7 +19859,7 @@ components: required: - order - target - PolicyEngineModeEnum: + PolicyEngineMode: enum: - all - any @@ -20747,7 +20747,7 @@ components: type: string readOnly: true policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineModeEnum' + $ref: '#/components/schemas/PolicyEngineMode' user_matching_mode: allOf: - $ref: '#/components/schemas/UserMatchingModeEnum' @@ -20833,7 +20833,7 @@ components: nullable: true description: Flow to use when enrolling new users. policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineModeEnum' + $ref: '#/components/schemas/PolicyEngineMode' user_matching_mode: allOf: - $ref: '#/components/schemas/UserMatchingModeEnum' @@ -21070,7 +21070,7 @@ components: type: string readOnly: true policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineModeEnum' + $ref: '#/components/schemas/PolicyEngineMode' user_matching_mode: allOf: - $ref: '#/components/schemas/UserMatchingModeEnum'