-
-
Notifications
You must be signed in to change notification settings - Fork 891
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge branch 'main' into web/update-provider-forms-for-invalidation
* main: (44 commits) web/admin: add strict dompurify config for diagram (#11783) core: bump cryptography from 43.0.1 to 43.0.3 (#11750) web: bump API Client version (#11781) sources: add Kerberos (#10815) root: rework CSRF middleware to set secure flag (#11753) web/admin: improve invalidation flow default & field grouping (#11769) providers/scim: add comparison with existing group on update and delta update users (#11414) website: bump mermaid from 10.6.0 to 10.9.3 in /website (#11766) web/flows: use dompurify for footer links (#11773) core, web: update translations (#11775) core: bump goauthentik.io/api/v3 from 3.2024083.10 to 3.2024083.11 (#11776) website: bump @types/react from 18.3.11 to 18.3.12 in /website (#11777) website: bump http-proxy-middleware from 2.0.6 to 2.0.7 in /website (#11771) web: bump API Client version (#11770) stages: authenticator_endpoint_gdtc (#10477) core: add prompt_data to auth flow (#11702) tests/e2e: fix dex tests failing (#11761) web/rac: disable DPI scaling (#11757) web/admin: update flow background (#11758) website/docs: fix some broken links (#11742) ...
- Loading branch information
Showing
160 changed files
with
9,213 additions
and
1,695 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,59 @@ | ||
"""Test Devices API""" | ||
|
||
from json import loads | ||
|
||
from django.urls import reverse | ||
from rest_framework.test import APITestCase | ||
|
||
from authentik.core.tests.utils import create_test_admin_user, create_test_user | ||
|
||
|
||
class TestDevicesAPI(APITestCase): | ||
"""Test applications API""" | ||
|
||
def setUp(self) -> None: | ||
self.admin = create_test_admin_user() | ||
self.user1 = create_test_user() | ||
self.device1 = self.user1.staticdevice_set.create() | ||
self.user2 = create_test_user() | ||
self.device2 = self.user2.staticdevice_set.create() | ||
|
||
def test_user_api(self): | ||
"""Test user API""" | ||
self.client.force_login(self.user1) | ||
response = self.client.get( | ||
reverse( | ||
"authentik_api:device-list", | ||
) | ||
) | ||
self.assertEqual(response.status_code, 200) | ||
body = loads(response.content.decode()) | ||
self.assertEqual(len(body), 1) | ||
self.assertEqual(body[0]["pk"], str(self.device1.pk)) | ||
|
||
def test_user_api_as_admin(self): | ||
"""Test user API""" | ||
self.client.force_login(self.admin) | ||
response = self.client.get( | ||
reverse( | ||
"authentik_api:device-list", | ||
) | ||
) | ||
self.assertEqual(response.status_code, 200) | ||
body = loads(response.content.decode()) | ||
self.assertEqual(len(body), 0) | ||
|
||
def test_admin_api(self): | ||
"""Test admin API""" | ||
self.client.force_login(self.admin) | ||
response = self.client.get( | ||
reverse( | ||
"authentik_api:admin-device-list", | ||
) | ||
) | ||
self.assertEqual(response.status_code, 200) | ||
body = loads(response.content.decode()) | ||
self.assertEqual(len(body), 2) | ||
self.assertEqual( | ||
{body[0]["pk"], body[1]["pk"]}, {str(self.device1.pk), str(self.device2.pk)} | ||
) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
82 changes: 82 additions & 0 deletions
82
authentik/enterprise/stages/authenticator_endpoint_gdtc/api.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,82 @@ | ||
"""AuthenticatorEndpointGDTCStage API Views""" | ||
|
||
from django_filters.rest_framework.backends import DjangoFilterBackend | ||
from rest_framework import mixins | ||
from rest_framework.filters import OrderingFilter, SearchFilter | ||
from rest_framework.permissions import IsAdminUser | ||
from rest_framework.serializers import ModelSerializer | ||
from rest_framework.viewsets import GenericViewSet, ModelViewSet | ||
from structlog.stdlib import get_logger | ||
|
||
from authentik.api.authorization import OwnerFilter, OwnerPermissions | ||
from authentik.core.api.used_by import UsedByMixin | ||
from authentik.enterprise.api import EnterpriseRequiredMixin | ||
from authentik.enterprise.stages.authenticator_endpoint_gdtc.models import ( | ||
AuthenticatorEndpointGDTCStage, | ||
EndpointDevice, | ||
) | ||
from authentik.flows.api.stages import StageSerializer | ||
|
||
LOGGER = get_logger() | ||
|
||
|
||
class AuthenticatorEndpointGDTCStageSerializer(EnterpriseRequiredMixin, StageSerializer): | ||
"""AuthenticatorEndpointGDTCStage Serializer""" | ||
|
||
class Meta: | ||
model = AuthenticatorEndpointGDTCStage | ||
fields = StageSerializer.Meta.fields + [ | ||
"configure_flow", | ||
"friendly_name", | ||
"credentials", | ||
] | ||
|
||
|
||
class AuthenticatorEndpointGDTCStageViewSet(UsedByMixin, ModelViewSet): | ||
"""AuthenticatorEndpointGDTCStage Viewset""" | ||
|
||
queryset = AuthenticatorEndpointGDTCStage.objects.all() | ||
serializer_class = AuthenticatorEndpointGDTCStageSerializer | ||
filterset_fields = [ | ||
"name", | ||
"configure_flow", | ||
] | ||
search_fields = ["name"] | ||
ordering = ["name"] | ||
|
||
|
||
class EndpointDeviceSerializer(ModelSerializer): | ||
"""Serializer for Endpoint authenticator devices""" | ||
|
||
class Meta: | ||
model = EndpointDevice | ||
fields = ["pk", "name"] | ||
depth = 2 | ||
|
||
|
||
class EndpointDeviceViewSet( | ||
mixins.RetrieveModelMixin, | ||
mixins.ListModelMixin, | ||
UsedByMixin, | ||
GenericViewSet, | ||
): | ||
"""Viewset for Endpoint authenticator devices""" | ||
|
||
queryset = EndpointDevice.objects.all() | ||
serializer_class = EndpointDeviceSerializer | ||
search_fields = ["name"] | ||
filterset_fields = ["name"] | ||
ordering = ["name"] | ||
permission_classes = [OwnerPermissions] | ||
filter_backends = [OwnerFilter, DjangoFilterBackend, OrderingFilter, SearchFilter] | ||
|
||
|
||
class EndpointAdminDeviceViewSet(ModelViewSet): | ||
"""Viewset for Endpoint authenticator devices (for admins)""" | ||
|
||
permission_classes = [IsAdminUser] | ||
queryset = EndpointDevice.objects.all() | ||
serializer_class = EndpointDeviceSerializer | ||
search_fields = ["name"] | ||
filterset_fields = ["name"] | ||
ordering = ["name"] |
13 changes: 13 additions & 0 deletions
13
authentik/enterprise/stages/authenticator_endpoint_gdtc/apps.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,13 @@ | ||
"""authentik Endpoint app config""" | ||
|
||
from authentik.enterprise.apps import EnterpriseConfig | ||
|
||
|
||
class AuthentikStageAuthenticatorEndpointConfig(EnterpriseConfig): | ||
"""authentik endpoint config""" | ||
|
||
name = "authentik.enterprise.stages.authenticator_endpoint_gdtc" | ||
label = "authentik_stages_authenticator_endpoint_gdtc" | ||
verbose_name = "authentik Enterprise.Stages.Authenticator.Endpoint GDTC" | ||
default = True | ||
mountpoint = "endpoint/gdtc/" |
Oops, something went wrong.