trustchain-oc1-orchestral
/
authentik
Archived
10
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
This repository has been archived on 2024-05-31. You can view files and clone it, but cannot push or open issues or pull requests.
authentik/passbook/providers/proxy/models.py

74 lines
2.3 KiB
Python
Raw Blame History

"""passbook proxy models"""
from typing import Optional, Type
from django.core.validators import URLValidator
from django.db import models
from django.forms import ModelForm
from django.http import HttpRequest
from django.utils.translation import gettext as _
from passbook.lib.utils.template import render_to_string
from passbook.providers.oauth2.constants import (
SCOPE_OPENID,
SCOPE_OPENID_EMAIL,
SCOPE_OPENID_PROFILE,
)
from passbook.providers.oauth2.models import (
ClientTypes,
JWTAlgorithms,
OAuth2Provider,
ResponseTypes,
ScopeMapping,
)
class ProxyProvider(OAuth2Provider):
"""Protect applications that don't support any of the other
Protocols by using a Reverse-Proxy."""
internal_host = models.TextField(
validators=[URLValidator(schemes=("http", "https"))]
)
external_host = models.TextField(
validators=[URLValidator(schemes=("http", "https"))]
)
def form(self) -> Type[ModelForm]:
from passbook.providers.proxy.forms import ProxyProviderForm
return ProxyProviderForm
def html_setup_urls(self, request: HttpRequest) -> Optional[str]:
"""return template and context modal with URLs for authorize, token, openid-config, etc"""
from passbook.providers.proxy.views import DockerComposeView
docker_compose_yaml = DockerComposeView(request=request).get_compose(self)
return render_to_string(
"providers/proxy/setup_modal.html",
{"provider": self, "docker_compose": docker_compose_yaml},
)
def set_oauth_defaults(self):
"""Ensure all OAuth2-related settings are correct"""
self.client_type = ClientTypes.CONFIDENTIAL
self.response_type = ResponseTypes.CODE
self.jwt_alg = JWTAlgorithms.HS256
scopes = ScopeMapping.objects.filter(
scope_name__in=[SCOPE_OPENID, SCOPE_OPENID_PROFILE, SCOPE_OPENID_EMAIL]
)
self.property_mappings.set(scopes)
self.redirect_uris = "\n".join(
[
f"{self.external_host}/oauth2/callback",
f"{self.internal_host}/oauth2/callback",
]
)
def __str__(self):
return self.name
class Meta:
verbose_name = _("Proxy Provider")
verbose_name_plural = _("Proxy Providers")
Reference in New Issue View Git Blame Copy Permalink