providers/saml: add metadata download link to api

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

authentik/providers/saml/api.py

@@ -4,11 +4,17 @@ from xml.etree.ElementTree import ParseError  # nosec
 from defusedxml.ElementTree import fromstring
 from django.http.response import HttpResponse
 from django.shortcuts import get_object_or_404
+from django.urls import reverse
 from django.utils.translation import gettext_lazy as _
 from drf_spectacular.types import OpenApiTypes
 from drf_spectacular.utils import OpenApiParameter, OpenApiResponse, extend_schema
 from rest_framework.decorators import action
-from rest_framework.fields import CharField, FileField, ReadOnlyField
+from rest_framework.fields import (
+    CharField,
+    FileField,
+    ReadOnlyField,
+    SerializerMethodField,
+)
 from rest_framework.parsers import MultiPartParser
 from rest_framework.permissions import AllowAny
 from rest_framework.relations import SlugRelatedField
@@ -37,6 +43,15 @@ LOGGER = get_logger()
 class SAMLProviderSerializer(ProviderSerializer):
     """SAMLProvider Serializer"""
 
+    metadata_download_url = SerializerMethodField()
+
+    def get_metadata_download_url(self, instance: SAMLProvider) -> str:
+        """Get metadata download URL"""
+        return (
+            reverse("authentik_api:samlprovider-metadata", kwargs={"pk": instance.pk})
+            + "?download"
+        )
+
     class Meta:
 
         model = SAMLProvider
@@ -54,6 +69,7 @@ class SAMLProviderSerializer(ProviderSerializer):
             "signing_kp",
             "verification_kp",
             "sp_binding",
+            "metadata_download_url",
         ]
 
 

schema.yml

@@ -26576,12 +26576,16 @@ components:
           title: Service Provider Binding
           description: This determines how authentik sends the response back to the
             Service Provider.
+        metadata_download_url:
+          type: string
+          readOnly: true
       required:
       - acs_url
       - assigned_application_name
       - assigned_application_slug
       - authorization_flow
       - component
+      - metadata_download_url
       - name
       - pk
       - verbose_name

web/src/pages/providers/saml/SAMLProviderViewPage.ts

@@ -157,14 +157,13 @@ export class SAMLProviderViewPage extends LitElement {
                                 </div>
                                 <div class="pf-c-card__footer">
                                     <a class="pf-c-button pf-m-primary" target="_blank"
-                                        href="/api/v2beta/providers/saml/${this.provider.pk}/metadata/?download">
+                                        href=${this.provider.metadataDownloadUrl}>
                                         ${t`Download`}
                                     </a>
                                     <ak-action-button
                                         class="pf-m-secondary"
                                         .apiRequest=${() => {
-                                            const path = `/api/v2beta/providers/saml/${this.provider?.pk}/metadata/?download`;
+                                            const fullUrl = window.location.origin + this.provider.metadataDownloadUrl;
-                                            const fullUrl = window.location.origin + path;
                                             return navigator.clipboard.writeText(fullUrl);
                                         }}>
                                         ${t`Copy download URL`}