trustchain-oc1-orchestral
/
authentik
Archived
10
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

providers/proxy: start implementing basic_auth_enabled 

see #244
This commit is contained in:
Jens Langhammer 2020-09-30 11:15:17 +02:00
parent 02f5f12089
commit 9d5dd896f3
4 changed files with 66 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
passbook/providers/proxy/api.py
View File

@ -57,6 +57,9 @@ class ProxyProviderSerializer(ModelSerializer):
"internal_host_ssl_validation", "internal_host_ssl_validation",
"certificate", "certificate",
"skip_path_regex", "skip_path_regex",
"basic_auth_enabled",
"basic_auth_password_attribute",
"basic_auth_user_attribute",
] ]
@ -97,6 +100,9 @@ class ProxyOutpostConfigSerializer(ModelSerializer):
"cookie_secret", "cookie_secret",
"certificate", "certificate",
"skip_path_regex", "skip_path_regex",
"basic_auth_enabled",
"basic_auth_password_attribute",
"basic_auth_user_attribute",
] ]
@swagger_serializer_method(serializer_or_field=OpenIDConnectConfigurationSerializer) @swagger_serializer_method(serializer_or_field=OpenIDConnectConfigurationSerializer)

5
passbook/providers/proxy/forms.py
View File

@ -37,9 +37,14 @@ class ProxyProviderForm(forms.ModelForm):
"external_host", "external_host",
"certificate", "certificate",
"skip_path_regex", "skip_path_regex",
"basic_auth_enabled",
"basic_auth_user_attribute",
"basic_auth_password_attribute",
] ]
widgets = { widgets = {
"name": forms.TextInput(), "name": forms.TextInput(),
"internal_host": forms.TextInput(), "internal_host": forms.TextInput(),
"external_host": forms.TextInput(), "external_host": forms.TextInput(),
"basic_auth_user_attribute": forms.TextInput(),
"basic_auth_password_attribute": forms.TextInput(),
} }

25
passbook/providers/proxy/models.py
View File

@ -66,6 +66,31 @@ class ProxyProvider(OutpostModel, OAuth2Provider):
), ),
) )
basic_auth_enabled = models.BooleanField(
default=False,
verbose_name=_("Set HTTP-Basic Authentication"),
help_text=_(
"Set a custom HTTP-Basic Authentication header based on values from passbook."
),
)
basic_auth_user_attribute = models.TextField(
blank=True,
verbose_name=_("HTTP-Basic Username"),
help_text=_(
(
"User Attribute used for the user part of the HTTP-Basic Header. "
"If not set, the user's Email address is used."
)
),
)
basic_auth_password_attribute = models.TextField(
blank=True,
verbose_name=_("HTTP-Basic Password"),
help_text=_(
("User Attribute used for the password part of the HTTP-Basic Header.")
),
)
certificate = models.ForeignKey( certificate = models.ForeignKey(
CertificateKeyPair, on_delete=models.SET_NULL, null=True, blank=True, CertificateKeyPair, on_delete=models.SET_NULL, null=True, blank=True,
) )

32
swagger.yaml
View File

@ -6216,7 +6216,7 @@ definitions:
type: string type: string
minLength: 1 minLength: 1
internal_host_ssl_validation: internal_host_ssl_validation:
title: Internal host ssl validation title: Internal host SSL Validation
description: Validate SSL Certificates of upstream servers description: Validate SSL Certificates of upstream servers
type: boolean type: boolean
client_id: client_id:
@ -6244,6 +6244,20 @@ definitions:
description: Regular expressions for which authentication is not required. description: Regular expressions for which authentication is not required.
Each new line is interpreted as a new Regular Expression. Each new line is interpreted as a new Regular Expression.
type: string type: string
basic_auth_enabled:
title: Set HTTP-Basic Authentication
description: Set a custom HTTP-Basic Authentication header based on values
from passbook.
type: boolean
basic_auth_password_attribute:
title: HTTP-Basic Password
description: User Attribute used for the password part of the HTTP-Basic Header.
type: string
basic_auth_user_attribute:
title: HTTP-Basic Username
description: User Attribute used for the user part of the HTTP-Basic Header.
If not set, the user's Email address is used.
type: string
Policy: Policy:
type: object type: object
properties: properties:
@ -6705,7 +6719,7 @@ definitions:
type: string type: string
minLength: 1 minLength: 1
internal_host_ssl_validation: internal_host_ssl_validation:
title: Internal host ssl validation title: Internal host SSL Validation
description: Validate SSL Certificates of upstream servers description: Validate SSL Certificates of upstream servers
type: boolean type: boolean
certificate: certificate:
@ -6718,6 +6732,20 @@ definitions:
description: Regular expressions for which authentication is not required. description: Regular expressions for which authentication is not required.
Each new line is interpreted as a new Regular Expression. Each new line is interpreted as a new Regular Expression.
type: string type: string
basic_auth_enabled:
title: Set HTTP-Basic Authentication
description: Set a custom HTTP-Basic Authentication header based on values
from passbook.
type: boolean
basic_auth_password_attribute:
title: HTTP-Basic Password
description: User Attribute used for the password part of the HTTP-Basic Header.
type: string
basic_auth_user_attribute:
title: HTTP-Basic Username
description: User Attribute used for the user part of the HTTP-Basic Header.
If not set, the user's Email address is used.
type: string
SAMLProvider: SAMLProvider:
required: required:
- name - name