This repository has been archived on 2024-05-31. You can view files and clone it, but cannot push or open issues or pull requests.
authentik/website/integrations/sources/mailcow/index.md

55 lines
1.6 KiB
Markdown
Raw Permalink Normal View History

---
title: Mailcow
---
<span class="badge badge--secondary">Support level: Community</span>
Allows users to authenticate using their Mailcow credentials
## Preparation
The following placeholders will be used:
- `authentik.company` is the FQDN of the authentik install.
- `mailcow.company` is the FQDN of the mailcow install.
## Mailcow
1. Log into mailcow as an admin and navigate to the OAuth2 Apps settings
![OAuth2 Apps menu](mailcow1.png)
2. Click "Add OAuth2 Client"
3. Insert the redirect URL: `https://authentik.company/source/oauth/callback/mailcow/`
![Add OAuth2 CLient](mailcow2.png)
4. Copy the **Client ID** and **Client secret** and _save it for later_
![ClientID and Secret](mailcow3.png)
web: Add storybook (#5865) * \#\# Details web: replace lingui with lit/localize \#\# Changes This rather massive shift replaces the lingui and `t()` syntax with lit-localize, XLIFF, and the `msg()` syntax used by lit-localize. 90% of this work was mechanized; simple perl scripts found and replaced all uses of `t()` with the appropriate corresponding syntax for `msg()` and `msg(str())`. The XLIFF files were auto-generated from the PO files. They have not been audited, and they should be checked over by professional translators. The actual _strings_ have not been changed, but as this was a mechanized change there is always the possibility of mis-translation-- not by the translator, but by the script. * web: revise lit/localize: fix two installation issues. * web: revise localization TL;DR: - Replaced all of Lingui's `t()` syntax with `msg()` syntax. - Mechanically (i.e with a script) converted all of the PO files to XLIFF files - Refactored the localization code to be a bit smarter: - the function `getBestMatchLocale` takes the locale lists and a requested locale, and returns the first match of: - The locale's code exactly matches the requested locale - The locale code exactly matches the prefix of the requested locale (i.e the "en" part of "en-US") - the locale code's prefix exactly matches the prefix of the requested locale This function is passed to lit-locate's `loadLocale()`. - `activateLocale()` just calls `loadLocale()` now. - `autodetectLanguage` searches the following, and picks the first that returns a valid locale object, before passing it to `loadLocale()`: - The User's settings - A `?locale=` component found in `window.location.search` - The `window.navigator.language` field - English The `msg()` only runs when it's run. This seems obvious, but it means that you cannot cache strings at load time; they must be kept inside functions that are re-run so that the `msg()` engine can look up the strings in the preferred language of the user at that moment. You can use thunks-of-strings if you really need them that way. * Including the 'xliff-converter' in case anyone wants to review it. * The xliff-converter is tagged as 'xliff-converter', but has been deleted. \#\# Details - Resolves #5171 \#\# Changes \#\#\# New Features - Adds a "Add an Application" to the LibraryView if there are no applications and the user is an administrator. \#\#\# Breaking Changes - Adds breaking change which causes \<issue\>. \#\# Checklist - [ ] Local tests pass (`ak test authentik/`) - [ ] The code has been formatted (`make lint-fix`) If an API change has been made - [ ] The API schema has been updated (`make gen-build`) If changes to the frontend have been made - [ ] The code has been formatted (`make web`) - [ ] The translation files have been updated (`make i18n-extract`) If applicable - [ ] The documentation has been updated - [ ] The documentation has been formatted (`make website`) * web: fix redundant locales for zh suite. * web: prettier pass for locale update * web: localization moderization Changed the names of the lit-localize commands to make it clear they're part of the localization effort, and not just "build" and "extract". * web: add storybook to test components * update transifex config Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix package lock? Signed-off-by: Jens Langhammer <jens@goauthentik.io> * use build not compile Signed-off-by: Jens Langhammer <jens@goauthentik.io> * web: conversion to lit-localize The CI produced a list of problems that I hadn't caught earlier, due to a typo ("localize build" is correct, "localize compile" is not) I had left in package.json. They were minor and linty, but it was still wise to fix them. * web: replace lingui with lit/locale This commit fixes some minor linting issues that were hidden by a typo in package.json. The issues were not apparently problematic from a Javascript point of view, but they pointed to sloppy thinking in the progression of types through the system, so I cleaned them up and formalized the types from LocaleModule to AkLocale. * web: replace lingui with lit/localize One problem that has repeatedly come up is that localize's templates do not produce JavaScript that conforms with our shop style. I've replaced `build-locale` with a two-step that builds the locale *and* ensures that it conforms to the shop style via `prettier` every time. * web: replace lingui with lit-locale This commit applies the most recent bundle of translations to the new lit-locale aspect component. It also revises the algorithm for *finding* the correct locale, replacing the complex fall-back with some rather straightforward regular expressions. In the case of Chinese, the fallback comes at the end of the selection list, which may not be, er, politically valuable (since Taiwan and Hong Kong come before, being exceptions that need to be tested). If we need a different order for presentation, that'll be a future feature. * web: replace lingui with lit/locale Well, that was embarassing. * web: add storybook The delta on this didn't make any sense; putting it back causes no behavioral changes. * web: add Storybook Fixed a typo in the package.json that prevented the TSC check from passing. * web: incorporate storybook This commit includes a number of type and definitional changes needed to make lit-analyze pass. In most cases, it was a matter of reassuring Lit that we were using the right type and the right type converter, or configuring the property such that it should never be called as an attribute. The most controversial change is adding the 'no-incompatible-type-binding' to the LIT analyzer configuration (found in `tsconfig.json`). This "routes around" lit-analyzer not doing very well understanding that some HTML objects can have generic property types, as long as the renderer is configured correctly. The 'no-missing-import: off' setting is required as lit-analyzer also does not use the tsconfig `paths` setting correctly and cannot find objects defined via aliases. It's a shame JSON can't support comments; these should be in the tsconfig.json file directly. As it is, I've started a README file that includes a section to record configuration decisions. Deleted the lingui.config file as we're not using it anymore * ignore storybook build in git Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-06-07 11:05:33 +00:00
## authentik
5. Under _Directory -> Federation & Social login_ Click **Create > Mailcow OAuth Source**
![Mailcow OAuth Source](mailcow4.png)
6. **Name:** Choose a name (For the example I used Mailcow)
7. **Slug:** mailcow (You can choose a different slug, if you do you will need to update the Mailcow redirect URL and point it to the correct slug.)
8. **Consumer Key:** Client ID from step 4
9. **Consumer Secret:** Client Secret from step 4
10. **Authorization URL:** https://mailcow.company/oauth/authorize
11. **Access token URL:** https://mailcow.company/oauth/token
12. **Profile URL:** https://mailcow.company/oauth/profile
Here is an example of a complete authentik Mailcow OAuth Source
![](mailcow5.png)
Save, and you now have Mailcow as a source.
:::note
For more details on how-to have the new source display on the Login Page see [here](../general#add-sources-to-default-login-page).
:::