* init Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix metadata Signed-off-by: Jens Langhammer <jens@goauthentik.io> * aight Signed-off-by: Jens Langhammer <jens@goauthentik.io> * progress Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix timedelta Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start testing metadata Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add some more tests and schemas Signed-off-by: Jens Langhammer <jens@goauthentik.io> * test signature Signed-off-by: Jens Langhammer <jens@goauthentik.io> * attempt to fix signed xml linebreak https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/issues/1258 https://github.com/robrichards/xmlseclibs/issues/28 https://github.com/xmlsec/python-xmlsec/issues/196 Signed-off-by: Jens Langhammer <jens@goauthentik.io> * format + gen Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update web Signed-off-by: Jens Langhammer <jens@goauthentik.io> * more validation Signed-off-by: Jens Langhammer <jens@goauthentik.io> * hmm Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add e2e test Signed-off-by: Jens Langhammer <jens@goauthentik.io> * qol fix in wait_for_url Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add UI Signed-off-by: Jens Langhammer <jens@goauthentik.io> * acs -> reply url Signed-off-by: Jens Langhammer <jens@goauthentik.io> * sign_out Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix some XML typing Signed-off-by: Jens Langhammer <jens@goauthentik.io> * remove verification_kp as its not used Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix reply url Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add ws-fed to tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add logout test Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add SAMLSession Signed-off-by: Jens Langhammer <jens@goauthentik.io> * refactor Signed-off-by: 
Jens Langhammer <jens@goauthentik.io> * unrelated type fixes Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add backchannel logout Signed-off-by: Jens Langhammer <jens@goauthentik.io> * delete import_metadata in wsfed Signed-off-by: Jens Langhammer <jens@goauthentik.io> * include generated realm Signed-off-by: Jens Langhammer <jens@goauthentik.io> * Update web/src/admin/providers/wsfed/WSFederationProviderViewPage.ts Co-authored-by: Teffen Ellis <592134+GirlBossRush@users.noreply.github.com> Signed-off-by: Jens L. <jens@beryju.org> * include wtrealm in ui Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Signed-off-by: Jens L. <jens@beryju.org> Co-authored-by: Teffen Ellis <592134+GirlBossRush@users.noreply.github.com>
"""WSFederationProvider API Views"""
from django.http import HttpRequest
from django.urls import reverse
from rest_framework.fields import SerializerMethodField, URLField
from authentik.core.api.providers import ProviderSerializer
from authentik.core.models import Application
from authentik.enterprise.api import EnterpriseRequiredMixin
from authentik.enterprise.providers.ws_federation.models import WSFederationProvider
from authentik.enterprise.providers.ws_federation.processors.metadata import MetadataProcessor
from authentik.providers.saml.api.providers import SAMLProviderSerializer, SAMLProviderViewSet
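class WSFederationProviderSerializer(EnterpriseRequiredMixin, SAMLProviderSerializer):
    """WSFederationProvider Serializer

    Extends SAMLProviderSerializer with three WS-Federation fields: ``reply_url``
    (stored in the model's ``acs_url``) and the computed, read-only ``url_wsfed``
    and ``wtrealm``.
    """

    reply_url = URLField(source="acs_url")
    url_wsfed = SerializerMethodField()
    wtrealm = SerializerMethodField()

    def get_url_wsfed(self, instance: WSFederationProvider) -> str:
        """Get WS-Fed url

        Returns the absolute URL of the ``authentik_providers_ws_federation:wsfed``
        route, or an empty string when the serializer context carries no request.
        """
        if "request" not in self._context:
            return ""
        # Unwrap the Django HttpRequest held by the DRF request wrapper.
        request: HttpRequest = self._context["request"]._request
        # NOTE(review): build_absolute_uri() takes scheme and host from the incoming
        # request, so the endpoint advertised here is only as trustworthy as the
        # Host / forwarded-header handling in front of this API (ALLOWED_HOSTS,
        # proxy settings) -- confirm the deployment constrains them.
        return request.build_absolute_uri(reverse("authentik_providers_ws_federation:wsfed"))

    def get_wtrealm(self, instance: WSFederationProvider) -> str | None:
        """Get the realm identifier built from the linked application's slug

        Returns ``None`` when no application is linked to the provider; the return
        annotation is ``str | None`` so that it matches this branch.
        """
        try:
            return f"goauthentik.io://app/{instance.application.slug}"
        except Application.DoesNotExist:
            # No application is assigned to this provider, so there is no realm.
            return None

    class Meta(SAMLProviderSerializer.Meta):
        model = WSFederationProvider
        # The list starts from ProviderSerializer's base fields, not from
        # SAMLProviderSerializer.Meta.fields, so only the provider fields named
        # below are added (presumably to leave out SAML-only ones -- confirm).
        fields = ProviderSerializer.Meta.fields + [
            "reply_url",
            "assertion_valid_not_before",
            "assertion_valid_not_on_or_after",
            "session_valid_not_on_or_after",
            "property_mappings",
            "name_id_mapping",
            "authn_context_class_ref_mapping",
            "digest_algorithm",
            "signature_algorithm",
            "signing_kp",
            "encryption_kp",
            "sign_assertion",
            "sign_logout_request",
            "default_name_id_policy",
            "url_download_metadata",
            "url_wsfed",
            "wtrealm",
        ]
        extra_kwargs = ProviderSerializer.Meta.extra_kwargs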
class WSFederationProviderViewSet(SAMLProviderViewSet):
    """WSFederationProvider Viewset

    Reuses SAMLProviderViewSet with the WS-Federation model, serializer and
    metadata processor swapped in.
    """

    queryset = WSFederationProvider.objects.all()
    serializer_class = WSFederationProviderSerializer
    metadata_generator_class = MetadataProcessor

    # NOTE(review): "__all__" opens filtering on every model field, including any
    # that the serializer does not return, so API clients could test values of
    # those fields through query parameters. Assumes the inherited filter backend
    # honours filterset_fields -- confirm, and prefer an explicit list if the
    # model holds anything sensitive.
    filterset_fields = "__all__"
    search_fields = ["name"]
    ordering = ["name"]

    # Replaces the import_metadata attribute inherited from SAMLProviderViewSet
    # with None; presumably this removes SAML metadata import from the WS-Fed
    # API -- confirm the route is no longer registered.
    import_metadata = None