authentik-api 2026.2.4 → 2026.5.0.rc1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +3 -3
- data/README_API.md +66 -14
- data/lib/authentik/api/api/admin_api.rb +4 -12
- data/lib/authentik/api/api/core_api.rb +143 -18
- data/lib/authentik/api/api/crypto_api.rb +2 -6
- data/lib/authentik/api/api/endpoints_api.rb +1577 -656
- data/lib/authentik/api/api/events_api.rb +121 -38
- data/lib/authentik/api/api/flows_api.rb +8 -90
- data/lib/authentik/api/api/lifecycle_api.rb +22 -13
- data/lib/authentik/api/api/managed_api.rb +73 -0
- data/lib/authentik/api/api/policies_api.rb +5 -6
- data/lib/authentik/api/api/providers_api.rb +46 -108
- data/lib/authentik/api/api/rbac_api.rb +0 -5
- data/lib/authentik/api/api/schema_api.rb +4 -12
- data/lib/authentik/api/api/sources_api.rb +35 -96
- data/lib/authentik/api/api/ssf_api.rb +63 -6
- data/lib/authentik/api/api/stages_api.rb +581 -102
- data/lib/authentik/api/api/tasks_api.rb +5 -13
- data/lib/authentik/api/models/account_lockdown_stage.rb +372 -0
- data/lib/authentik/api/models/account_lockdown_stage_request.rb +219 -0
- data/lib/authentik/api/models/app_enum.rb +3 -2
- data/lib/authentik/api/models/apple_independent_secure_enclave.rb +246 -0
- data/lib/authentik/api/models/apple_independent_secure_enclave_request.rb +273 -0
- data/lib/authentik/api/models/application.rb +14 -4
- data/lib/authentik/api/models/application_request.rb +14 -4
- data/lib/authentik/api/models/authenticated_session_user_agent_device.rb +2 -30
- data/lib/authentik/api/models/authenticated_session_user_agent_os.rb +4 -60
- data/lib/authentik/api/models/authentication_enum.rb +2 -1
- data/lib/authentik/api/models/authenticator_validate_stage.rb +51 -4
- data/lib/authentik/api/models/authenticator_validate_stage_request.rb +51 -4
- data/lib/authentik/api/models/authenticator_web_authn_stage.rb +23 -2
- data/lib/authentik/api/models/authenticator_web_authn_stage_request.rb +23 -2
- data/lib/authentik/api/models/{flow_import_result.rb → blueprint_import_result.rb} +4 -4
- data/lib/authentik/api/models/brand.rb +11 -1
- data/lib/authentik/api/models/brand_request.rb +11 -1
- data/lib/authentik/api/models/certificate_key_pair.rb +1 -1
- data/lib/authentik/api/models/certificate_key_pair_key_type_enum.rb +37 -0
- data/lib/authentik/api/models/compatibility_mode_enum.rb +3 -1
- data/lib/authentik/api/models/{consent_stage_mode_enum.rb → consent_mode_enum.rb} +3 -3
- data/lib/authentik/api/models/consent_stage.rb +1 -1
- data/lib/authentik/api/models/consent_stage_request.rb +1 -1
- data/lib/authentik/api/models/country_code_enum.rb +3 -3
- data/lib/authentik/api/models/current_brand.rb +10 -1
- data/lib/authentik/api/models/current_brand_flags.rb +31 -27
- data/lib/authentik/api/models/delivery_method_enum.rb +3 -1
- data/lib/authentik/api/models/event_matcher_policy.rb +15 -5
- data/lib/authentik/api/models/event_matcher_policy_request.rb +30 -5
- data/lib/authentik/api/models/event_stats.rb +187 -0
- data/lib/authentik/api/models/event_volume.rb +1 -1
- data/lib/authentik/api/models/events_requested_enum.rb +7 -1
- data/lib/authentik/api/models/expiring_base_grant_model.rb +1 -1
- data/lib/authentik/api/models/force_binding_enum.rb +34 -0
- data/lib/authentik/api/models/{resident_key_requirement_enum.rb → format_enum.rb} +6 -7
- data/lib/authentik/api/models/geo_ip_policy.rb +1 -1
- data/lib/authentik/api/models/{detailed_country_field.rb → geo_ip_policy_countries_obj_inner.rb} +22 -26
- data/lib/authentik/api/models/google_chrome_connector.rb +326 -0
- data/lib/authentik/api/models/google_chrome_connector_request.rb +214 -0
- data/lib/authentik/api/models/grant_types_enum.rb +39 -0
- data/lib/authentik/api/models/group_kerberos_source_connection_request.rb +27 -1
- data/lib/authentik/api/models/group_ldap_source_connection.rb +30 -4
- data/lib/authentik/api/models/group_ldap_source_connection_request.rb +27 -1
- data/lib/authentik/api/models/group_o_auth_source_connection_request.rb +27 -1
- data/lib/authentik/api/models/group_plex_source_connection_request.rb +27 -1
- data/lib/authentik/api/models/group_saml_source_connection_request.rb +27 -1
- data/lib/authentik/api/models/group_source_connection_request.rb +27 -1
- data/lib/authentik/api/models/group_telegram_source_connection_request.rb +27 -1
- data/lib/authentik/api/models/iframe_logout_challenge.rb +1 -1
- data/lib/authentik/api/models/invitation_send_email_request.rb +213 -0
- data/lib/authentik/api/models/key_type_enum.rb +3 -3
- data/lib/authentik/api/models/lang_enum.rb +131 -0
- data/lib/authentik/api/models/lifecycle_iteration.rb +30 -86
- data/lib/authentik/api/models/logout_url.rb +209 -0
- data/lib/authentik/api/models/model_enum.rb +3 -1
- data/lib/authentik/api/models/native_logout_challenge.rb +68 -37
- data/lib/authentik/api/models/notification_transport.rb +13 -2
- data/lib/authentik/api/models/notification_transport_request.rb +13 -2
- data/lib/authentik/api/models/o_auth2_provider.rb +12 -1
- data/lib/authentik/api/models/o_auth2_provider_request.rb +12 -1
- data/lib/authentik/api/models/operating_system.rb +0 -17
- data/lib/authentik/api/models/operating_system_request.rb +2 -9
- data/lib/authentik/api/models/paginated_account_lockdown_stage_list.rb +214 -0
- data/lib/authentik/api/models/paginated_apple_independent_secure_enclave_list.rb +214 -0
- data/lib/authentik/api/models/paginated_extra_role_object_permission_list.rb +32 -4
- data/lib/authentik/api/models/paginated_google_chrome_connector_list.rb +214 -0
- data/lib/authentik/api/models/patched_account_lockdown_stage_request.rb +212 -0
- data/lib/authentik/api/models/patched_apple_independent_secure_enclave_request.rb +235 -0
- data/lib/authentik/api/models/patched_application_request.rb +14 -4
- data/lib/authentik/api/models/patched_authenticator_validate_stage_request.rb +51 -4
- data/lib/authentik/api/models/patched_authenticator_web_authn_stage_request.rb +23 -2
- data/lib/authentik/api/models/patched_brand_request.rb +11 -1
- data/lib/authentik/api/models/patched_consent_stage_request.rb +1 -1
- data/lib/authentik/api/models/patched_event_matcher_policy_request.rb +30 -5
- data/lib/authentik/api/models/patched_google_chrome_connector_request.rb +190 -0
- data/lib/authentik/api/models/patched_group_kerberos_source_connection_request.rb +10 -1
- data/lib/authentik/api/models/patched_group_ldap_source_connection_request.rb +10 -1
- data/lib/authentik/api/models/patched_group_o_auth_source_connection_request.rb +10 -1
- data/lib/authentik/api/models/patched_group_plex_source_connection_request.rb +10 -1
- data/lib/authentik/api/models/patched_group_saml_source_connection_request.rb +10 -1
- data/lib/authentik/api/models/patched_group_source_connection_request.rb +10 -1
- data/lib/authentik/api/models/patched_group_telegram_source_connection_request.rb +10 -1
- data/lib/authentik/api/models/patched_notification_transport_request.rb +13 -2
- data/lib/authentik/api/models/patched_o_auth2_provider_request.rb +12 -1
- data/lib/authentik/api/models/patched_saml_provider_request.rb +17 -27
- data/lib/authentik/api/models/patched_saml_source_request.rb +11 -1
- data/lib/authentik/api/models/patched_settings_request_flags.rb +31 -27
- data/lib/authentik/api/models/patched_ssf_provider_request.rb +13 -4
- data/lib/authentik/api/models/patched_user_kerberos_source_connection_request.rb +10 -1
- data/lib/authentik/api/models/patched_user_ldap_source_connection_request.rb +10 -1
- data/lib/authentik/api/models/patched_user_o_auth_source_connection_request.rb +10 -1
- data/lib/authentik/api/models/patched_user_plex_source_connection_request.rb +10 -1
- data/lib/authentik/api/models/patched_user_saml_source_connection_request.rb +10 -1
- data/lib/authentik/api/models/patched_user_source_connection_request.rb +10 -1
- data/lib/authentik/api/models/patched_user_telegram_source_connection_request.rb +10 -1
- data/lib/authentik/api/models/prompt_type_enum.rb +4 -1
- data/lib/authentik/api/models/redirect_uri.rb +13 -4
- data/lib/authentik/api/models/redirect_uri_request.rb +13 -4
- data/lib/authentik/api/models/redirect_uri_type_enum.rb +34 -0
- data/lib/authentik/api/models/related_rule.rb +250 -0
- data/lib/authentik/api/models/saml_provider.rb +98 -8
- data/lib/authentik/api/models/saml_provider_request.rb +17 -27
- data/lib/authentik/api/models/saml_source.rb +11 -1
- data/lib/authentik/api/models/saml_source_request.rb +11 -1
- data/lib/authentik/api/models/ssf_provider.rb +41 -4
- data/lib/authentik/api/models/ssf_provider_request.rb +13 -4
- data/lib/authentik/api/models/ssf_stream.rb +10 -1
- data/lib/authentik/api/models/ssf_stream_status_enum.rb +36 -0
- data/lib/authentik/api/models/task.rb +1 -1
- data/lib/authentik/api/models/{task_state_enum.rb → task_status_enum.rb} +3 -3
- data/lib/authentik/api/models/token_model.rb +1 -1
- data/lib/authentik/api/models/{notification_transport_mode_enum.rb → transport_mode_enum.rb} +3 -3
- data/lib/authentik/api/models/usage_enum.rb +33 -0
- data/lib/authentik/api/models/user_account_lockdown_request.rb +144 -0
- data/lib/authentik/api/models/user_kerberos_source_connection_request.rb +27 -1
- data/lib/authentik/api/models/user_ldap_source_connection.rb +30 -4
- data/lib/authentik/api/models/user_ldap_source_connection_request.rb +27 -1
- data/lib/authentik/api/models/user_o_auth_source_connection_request.rb +27 -1
- data/lib/authentik/api/models/user_password_hash_set_request.rb +168 -0
- data/lib/authentik/api/models/user_plex_source_connection_request.rb +27 -1
- data/lib/authentik/api/models/user_saml_source_connection_request.rb +27 -1
- data/lib/authentik/api/models/user_source_connection_request.rb +27 -1
- data/lib/authentik/api/models/user_telegram_source_connection_request.rb +27 -1
- data/lib/authentik/api/models/vendor_enum.rb +2 -1
- data/lib/authentik/api/models/web_authn_hint_enum.rb +35 -0
- data/lib/authentik/api/version.rb +1 -1
- data/spec/api/admin_api_spec.rb +2 -2
- data/spec/api/core_api_spec.rb +27 -3
- data/spec/api/crypto_api_spec.rb +1 -1
- data/spec/api/endpoints_api_spec.rb +167 -0
- data/spec/api/events_api_spec.rb +33 -7
- data/spec/api/flows_api_spec.rb +4 -16
- data/spec/api/lifecycle_api_spec.rb +6 -3
- data/spec/api/managed_api_spec.rb +13 -0
- data/spec/api/policies_api_spec.rb +2 -1
- data/spec/api/providers_api_spec.rb +21 -19
- data/spec/api/schema_api_spec.rb +2 -2
- data/spec/api/sources_api_spec.rb +17 -16
- data/spec/api/ssf_api_spec.rb +12 -1
- data/spec/api/stages_api_spec.rb +117 -18
- data/spec/api/tasks_api_spec.rb +2 -2
- data/spec/models/account_lockdown_stage_request_spec.rb +60 -0
- data/spec/models/account_lockdown_stage_spec.rb +96 -0
- data/spec/models/apple_independent_secure_enclave_request_spec.rb +54 -0
- data/spec/models/apple_independent_secure_enclave_spec.rb +54 -0
- data/spec/models/application_request_spec.rb +6 -0
- data/spec/models/application_spec.rb +6 -0
- data/spec/models/authenticator_validate_stage_request_spec.rb +30 -0
- data/spec/models/authenticator_validate_stage_spec.rb +30 -0
- data/spec/models/authenticator_web_authn_stage_request_spec.rb +12 -0
- data/spec/models/authenticator_web_authn_stage_spec.rb +12 -0
- data/spec/models/{flow_import_result_spec.rb → blueprint_import_result_spec.rb} +6 -6
- data/spec/models/brand_request_spec.rb +6 -0
- data/spec/models/brand_spec.rb +6 -0
- data/spec/models/{notification_transport_mode_enum_spec.rb → certificate_key_pair_key_type_enum_spec.rb} +6 -6
- data/spec/models/{consent_stage_mode_enum_spec.rb → consent_mode_enum_spec.rb} +6 -6
- data/spec/models/current_brand_flags_spec.rb +2 -2
- data/spec/models/current_brand_spec.rb +6 -0
- data/spec/models/event_matcher_policy_request_spec.rb +6 -0
- data/spec/models/event_matcher_policy_spec.rb +6 -0
- data/spec/models/event_stats_spec.rb +36 -0
- data/spec/models/force_binding_enum_spec.rb +24 -0
- data/spec/models/format_enum_spec.rb +24 -0
- data/spec/models/{detailed_country_field_spec.rb → geo_ip_policy_countries_obj_inner_spec.rb} +6 -6
- data/spec/models/google_chrome_connector_request_spec.rb +48 -0
- data/spec/models/google_chrome_connector_spec.rb +78 -0
- data/spec/models/grant_types_enum_spec.rb +24 -0
- data/spec/models/group_kerberos_source_connection_request_spec.rb +6 -0
- data/spec/models/group_ldap_source_connection_request_spec.rb +6 -0
- data/spec/models/group_ldap_source_connection_spec.rb +6 -0
- data/spec/models/group_o_auth_source_connection_request_spec.rb +6 -0
- data/spec/models/group_plex_source_connection_request_spec.rb +6 -0
- data/spec/models/group_saml_source_connection_request_spec.rb +6 -0
- data/spec/models/group_source_connection_request_spec.rb +6 -0
- data/spec/models/group_telegram_source_connection_request_spec.rb +6 -0
- data/spec/models/invitation_send_email_request_spec.rb +48 -0
- data/spec/models/lang_enum_spec.rb +24 -0
- data/spec/models/lifecycle_iteration_spec.rb +2 -14
- data/spec/models/logout_url_spec.rb +60 -0
- data/spec/models/native_logout_challenge_spec.rb +13 -7
- data/spec/models/notification_transport_request_spec.rb +6 -0
- data/spec/models/notification_transport_spec.rb +6 -0
- data/spec/models/o_auth2_provider_request_spec.rb +6 -0
- data/spec/models/o_auth2_provider_spec.rb +6 -0
- data/spec/models/paginated_account_lockdown_stage_list_spec.rb +42 -0
- data/spec/models/paginated_apple_independent_secure_enclave_list_spec.rb +42 -0
- data/spec/models/paginated_extra_role_object_permission_list_spec.rb +6 -0
- data/spec/models/paginated_google_chrome_connector_list_spec.rb +42 -0
- data/spec/models/patched_account_lockdown_stage_request_spec.rb +60 -0
- data/spec/models/patched_apple_independent_secure_enclave_request_spec.rb +54 -0
- data/spec/models/patched_application_request_spec.rb +6 -0
- data/spec/models/patched_authenticator_validate_stage_request_spec.rb +30 -0
- data/spec/models/patched_authenticator_web_authn_stage_request_spec.rb +12 -0
- data/spec/models/patched_brand_request_spec.rb +6 -0
- data/spec/models/patched_event_matcher_policy_request_spec.rb +6 -0
- data/spec/models/patched_google_chrome_connector_request_spec.rb +48 -0
- data/spec/models/patched_group_kerberos_source_connection_request_spec.rb +6 -0
- data/spec/models/patched_group_ldap_source_connection_request_spec.rb +6 -0
- data/spec/models/patched_group_o_auth_source_connection_request_spec.rb +6 -0
- data/spec/models/patched_group_plex_source_connection_request_spec.rb +6 -0
- data/spec/models/patched_group_saml_source_connection_request_spec.rb +6 -0
- data/spec/models/patched_group_source_connection_request_spec.rb +6 -0
- data/spec/models/patched_group_telegram_source_connection_request_spec.rb +6 -0
- data/spec/models/patched_notification_transport_request_spec.rb +6 -0
- data/spec/models/patched_o_auth2_provider_request_spec.rb +6 -0
- data/spec/models/patched_saml_provider_request_spec.rb +7 -1
- data/spec/models/patched_saml_source_request_spec.rb +6 -0
- data/spec/models/patched_settings_request_flags_spec.rb +2 -2
- data/spec/models/patched_ssf_provider_request_spec.rb +6 -0
- data/spec/models/patched_user_kerberos_source_connection_request_spec.rb +6 -0
- data/spec/models/patched_user_ldap_source_connection_request_spec.rb +6 -0
- data/spec/models/patched_user_o_auth_source_connection_request_spec.rb +6 -0
- data/spec/models/patched_user_plex_source_connection_request_spec.rb +6 -0
- data/spec/models/patched_user_saml_source_connection_request_spec.rb +6 -0
- data/spec/models/patched_user_source_connection_request_spec.rb +6 -0
- data/spec/models/patched_user_telegram_source_connection_request_spec.rb +6 -0
- data/spec/models/redirect_uri_request_spec.rb +6 -0
- data/spec/models/redirect_uri_spec.rb +6 -0
- data/spec/models/redirect_uri_type_enum_spec.rb +24 -0
- data/spec/models/related_rule_spec.rb +54 -0
- data/spec/models/saml_provider_request_spec.rb +7 -1
- data/spec/models/saml_provider_spec.rb +25 -1
- data/spec/models/saml_source_request_spec.rb +6 -0
- data/spec/models/saml_source_spec.rb +6 -0
- data/spec/models/ssf_provider_request_spec.rb +6 -0
- data/spec/models/ssf_provider_spec.rb +12 -0
- data/spec/models/ssf_stream_spec.rb +6 -0
- data/spec/models/ssf_stream_status_enum_spec.rb +24 -0
- data/spec/models/{task_state_enum_spec.rb → task_status_enum_spec.rb} +6 -6
- data/spec/models/transport_mode_enum_spec.rb +24 -0
- data/spec/models/usage_enum_spec.rb +24 -0
- data/spec/models/user_account_lockdown_request_spec.rb +30 -0
- data/spec/models/user_kerberos_source_connection_request_spec.rb +6 -0
- data/spec/models/user_ldap_source_connection_request_spec.rb +6 -0
- data/spec/models/user_ldap_source_connection_spec.rb +6 -0
- data/spec/models/user_o_auth_source_connection_request_spec.rb +6 -0
- data/spec/models/user_password_hash_set_request_spec.rb +30 -0
- data/spec/models/user_plex_source_connection_request_spec.rb +6 -0
- data/spec/models/user_saml_source_connection_request_spec.rb +6 -0
- data/spec/models/user_source_connection_request_spec.rb +6 -0
- data/spec/models/user_telegram_source_connection_request_spec.rb +6 -0
- data/spec/models/web_authn_hint_enum_spec.rb +24 -0
- data/spec/zeitwerk_spec.rb +34 -0
- metadata +113 -32
- data/spec/models/resident_key_requirement_enum_spec.rb +0 -24
|
@@ -57,8 +57,8 @@ module Authentik::Api
|
|
|
57
57
|
# Value of the audience restriction field of the assertion. When left empty, no audience restriction will be added.
|
|
58
58
|
attr_accessor :audience
|
|
59
59
|
|
|
60
|
-
# Also known as EntityID
|
|
61
|
-
attr_accessor :
|
|
60
|
+
# Also known as EntityID. Providing a value overrides the default issuer generated by authentik.
|
|
61
|
+
attr_accessor :issuer_override
|
|
62
62
|
|
|
63
63
|
# Assertion valid not before current time + this value (Format: hours=-1;minutes=-2;seconds=-3).
|
|
64
64
|
attr_accessor :assertion_valid_not_before
|
|
@@ -94,6 +94,8 @@ module Authentik::Api
|
|
|
94
94
|
|
|
95
95
|
attr_accessor :sign_logout_request
|
|
96
96
|
|
|
97
|
+
attr_accessor :sign_logout_response
|
|
98
|
+
|
|
97
99
|
# This determines how authentik sends the response back to the Service Provider.
|
|
98
100
|
attr_accessor :sp_binding
|
|
99
101
|
|
|
@@ -111,6 +113,15 @@ module Authentik::Api
|
|
|
111
113
|
# Get metadata download URL
|
|
112
114
|
attr_accessor :url_download_metadata
|
|
113
115
|
|
|
116
|
+
# Get Issuer/EntityID URL
|
|
117
|
+
attr_accessor :url_issuer
|
|
118
|
+
|
|
119
|
+
# Get unified SAML endpoint URL (handles SSO and SLO)
|
|
120
|
+
attr_accessor :url_unified
|
|
121
|
+
|
|
122
|
+
# Get IdP-initiated SAML URL
|
|
123
|
+
attr_accessor :url_unified_init
|
|
124
|
+
|
|
114
125
|
# Get SSO Post URL
|
|
115
126
|
attr_accessor :url_sso_post
|
|
116
127
|
|
|
@@ -168,7 +179,7 @@ module Authentik::Api
|
|
|
168
179
|
:'acs_url' => :'acs_url',
|
|
169
180
|
:'sls_url' => :'sls_url',
|
|
170
181
|
:'audience' => :'audience',
|
|
171
|
-
:'
|
|
182
|
+
:'issuer_override' => :'issuer_override',
|
|
172
183
|
:'assertion_valid_not_before' => :'assertion_valid_not_before',
|
|
173
184
|
:'assertion_valid_not_on_or_after' => :'assertion_valid_not_on_or_after',
|
|
174
185
|
:'session_valid_not_on_or_after' => :'session_valid_not_on_or_after',
|
|
@@ -182,12 +193,16 @@ module Authentik::Api
|
|
|
182
193
|
:'sign_assertion' => :'sign_assertion',
|
|
183
194
|
:'sign_response' => :'sign_response',
|
|
184
195
|
:'sign_logout_request' => :'sign_logout_request',
|
|
196
|
+
:'sign_logout_response' => :'sign_logout_response',
|
|
185
197
|
:'sp_binding' => :'sp_binding',
|
|
186
198
|
:'sls_binding' => :'sls_binding',
|
|
187
199
|
:'logout_method' => :'logout_method',
|
|
188
200
|
:'default_relay_state' => :'default_relay_state',
|
|
189
201
|
:'default_name_id_policy' => :'default_name_id_policy',
|
|
190
202
|
:'url_download_metadata' => :'url_download_metadata',
|
|
203
|
+
:'url_issuer' => :'url_issuer',
|
|
204
|
+
:'url_unified' => :'url_unified',
|
|
205
|
+
:'url_unified_init' => :'url_unified_init',
|
|
191
206
|
:'url_sso_post' => :'url_sso_post',
|
|
192
207
|
:'url_sso_redirect' => :'url_sso_redirect',
|
|
193
208
|
:'url_sso_init' => :'url_sso_init',
|
|
@@ -226,7 +241,7 @@ module Authentik::Api
|
|
|
226
241
|
:'acs_url' => :'String',
|
|
227
242
|
:'sls_url' => :'String',
|
|
228
243
|
:'audience' => :'String',
|
|
229
|
-
:'
|
|
244
|
+
:'issuer_override' => :'String',
|
|
230
245
|
:'assertion_valid_not_before' => :'String',
|
|
231
246
|
:'assertion_valid_not_on_or_after' => :'String',
|
|
232
247
|
:'session_valid_not_on_or_after' => :'String',
|
|
@@ -240,12 +255,16 @@ module Authentik::Api
|
|
|
240
255
|
:'sign_assertion' => :'Boolean',
|
|
241
256
|
:'sign_response' => :'Boolean',
|
|
242
257
|
:'sign_logout_request' => :'Boolean',
|
|
258
|
+
:'sign_logout_response' => :'Boolean',
|
|
243
259
|
:'sp_binding' => :'SAMLBindingsEnum',
|
|
244
260
|
:'sls_binding' => :'SAMLBindingsEnum',
|
|
245
261
|
:'logout_method' => :'SAMLLogoutMethods',
|
|
246
262
|
:'default_relay_state' => :'String',
|
|
247
263
|
:'default_name_id_policy' => :'SAMLNameIDPolicyEnum',
|
|
248
264
|
:'url_download_metadata' => :'String',
|
|
265
|
+
:'url_issuer' => :'String',
|
|
266
|
+
:'url_unified' => :'String',
|
|
267
|
+
:'url_unified_init' => :'String',
|
|
249
268
|
:'url_sso_post' => :'String',
|
|
250
269
|
:'url_sso_redirect' => :'String',
|
|
251
270
|
:'url_sso_init' => :'String',
|
|
@@ -382,8 +401,8 @@ module Authentik::Api
|
|
|
382
401
|
self.audience = attributes[:'audience']
|
|
383
402
|
end
|
|
384
403
|
|
|
385
|
-
if attributes.key?(:'
|
|
386
|
-
self.
|
|
404
|
+
if attributes.key?(:'issuer_override')
|
|
405
|
+
self.issuer_override = attributes[:'issuer_override']
|
|
387
406
|
end
|
|
388
407
|
|
|
389
408
|
if attributes.key?(:'assertion_valid_not_before')
|
|
@@ -438,6 +457,10 @@ module Authentik::Api
|
|
|
438
457
|
self.sign_logout_request = attributes[:'sign_logout_request']
|
|
439
458
|
end
|
|
440
459
|
|
|
460
|
+
if attributes.key?(:'sign_logout_response')
|
|
461
|
+
self.sign_logout_response = attributes[:'sign_logout_response']
|
|
462
|
+
end
|
|
463
|
+
|
|
441
464
|
if attributes.key?(:'sp_binding')
|
|
442
465
|
self.sp_binding = attributes[:'sp_binding']
|
|
443
466
|
end
|
|
@@ -464,6 +487,24 @@ module Authentik::Api
|
|
|
464
487
|
self.url_download_metadata = nil
|
|
465
488
|
end
|
|
466
489
|
|
|
490
|
+
if attributes.key?(:'url_issuer')
|
|
491
|
+
self.url_issuer = attributes[:'url_issuer']
|
|
492
|
+
else
|
|
493
|
+
self.url_issuer = nil
|
|
494
|
+
end
|
|
495
|
+
|
|
496
|
+
if attributes.key?(:'url_unified')
|
|
497
|
+
self.url_unified = attributes[:'url_unified']
|
|
498
|
+
else
|
|
499
|
+
self.url_unified = nil
|
|
500
|
+
end
|
|
501
|
+
|
|
502
|
+
if attributes.key?(:'url_unified_init')
|
|
503
|
+
self.url_unified_init = attributes[:'url_unified_init']
|
|
504
|
+
else
|
|
505
|
+
self.url_unified_init = nil
|
|
506
|
+
end
|
|
507
|
+
|
|
467
508
|
if attributes.key?(:'url_sso_post')
|
|
468
509
|
self.url_sso_post = attributes[:'url_sso_post']
|
|
469
510
|
else
|
|
@@ -540,6 +581,18 @@ module Authentik::Api
|
|
|
540
581
|
invalid_properties.push('invalid value for "url_download_metadata", url_download_metadata cannot be nil.')
|
|
541
582
|
end
|
|
542
583
|
|
|
584
|
+
if @url_issuer.nil?
|
|
585
|
+
invalid_properties.push('invalid value for "url_issuer", url_issuer cannot be nil.')
|
|
586
|
+
end
|
|
587
|
+
|
|
588
|
+
if @url_unified.nil?
|
|
589
|
+
invalid_properties.push('invalid value for "url_unified", url_unified cannot be nil.')
|
|
590
|
+
end
|
|
591
|
+
|
|
592
|
+
if @url_unified_init.nil?
|
|
593
|
+
invalid_properties.push('invalid value for "url_unified_init", url_unified_init cannot be nil.')
|
|
594
|
+
end
|
|
595
|
+
|
|
543
596
|
if @url_sso_post.nil?
|
|
544
597
|
invalid_properties.push('invalid value for "url_sso_post", url_sso_post cannot be nil.')
|
|
545
598
|
end
|
|
@@ -577,6 +630,9 @@ module Authentik::Api
|
|
|
577
630
|
return false if @meta_model_name.nil?
|
|
578
631
|
return false if @acs_url.nil?
|
|
579
632
|
return false if @url_download_metadata.nil?
|
|
633
|
+
return false if @url_issuer.nil?
|
|
634
|
+
return false if @url_unified.nil?
|
|
635
|
+
return false if @url_unified_init.nil?
|
|
580
636
|
return false if @url_sso_post.nil?
|
|
581
637
|
return false if @url_sso_redirect.nil?
|
|
582
638
|
return false if @url_sso_init.nil?
|
|
@@ -685,6 +741,36 @@ module Authentik::Api
|
|
|
685
741
|
@url_download_metadata = url_download_metadata
|
|
686
742
|
end
|
|
687
743
|
|
|
744
|
+
# Custom attribute writer method with validation
|
|
745
|
+
# @param [Object] url_issuer Value to be assigned
|
|
746
|
+
def url_issuer=(url_issuer)
|
|
747
|
+
if url_issuer.nil?
|
|
748
|
+
fail ArgumentError, 'url_issuer cannot be nil'
|
|
749
|
+
end
|
|
750
|
+
|
|
751
|
+
@url_issuer = url_issuer
|
|
752
|
+
end
|
|
753
|
+
|
|
754
|
+
# Custom attribute writer method with validation
|
|
755
|
+
# @param [Object] url_unified Value to be assigned
|
|
756
|
+
def url_unified=(url_unified)
|
|
757
|
+
if url_unified.nil?
|
|
758
|
+
fail ArgumentError, 'url_unified cannot be nil'
|
|
759
|
+
end
|
|
760
|
+
|
|
761
|
+
@url_unified = url_unified
|
|
762
|
+
end
|
|
763
|
+
|
|
764
|
+
# Custom attribute writer method with validation
|
|
765
|
+
# @param [Object] url_unified_init Value to be assigned
|
|
766
|
+
def url_unified_init=(url_unified_init)
|
|
767
|
+
if url_unified_init.nil?
|
|
768
|
+
fail ArgumentError, 'url_unified_init cannot be nil'
|
|
769
|
+
end
|
|
770
|
+
|
|
771
|
+
@url_unified_init = url_unified_init
|
|
772
|
+
end
|
|
773
|
+
|
|
688
774
|
# Custom attribute writer method with validation
|
|
689
775
|
# @param [Object] url_sso_post Value to be assigned
|
|
690
776
|
def url_sso_post=(url_sso_post)
|
|
@@ -757,7 +843,7 @@ module Authentik::Api
|
|
|
757
843
|
acs_url == o.acs_url &&
|
|
758
844
|
sls_url == o.sls_url &&
|
|
759
845
|
audience == o.audience &&
|
|
760
|
-
|
|
846
|
+
issuer_override == o.issuer_override &&
|
|
761
847
|
assertion_valid_not_before == o.assertion_valid_not_before &&
|
|
762
848
|
assertion_valid_not_on_or_after == o.assertion_valid_not_on_or_after &&
|
|
763
849
|
session_valid_not_on_or_after == o.session_valid_not_on_or_after &&
|
|
@@ -771,12 +857,16 @@ module Authentik::Api
|
|
|
771
857
|
sign_assertion == o.sign_assertion &&
|
|
772
858
|
sign_response == o.sign_response &&
|
|
773
859
|
sign_logout_request == o.sign_logout_request &&
|
|
860
|
+
sign_logout_response == o.sign_logout_response &&
|
|
774
861
|
sp_binding == o.sp_binding &&
|
|
775
862
|
sls_binding == o.sls_binding &&
|
|
776
863
|
logout_method == o.logout_method &&
|
|
777
864
|
default_relay_state == o.default_relay_state &&
|
|
778
865
|
default_name_id_policy == o.default_name_id_policy &&
|
|
779
866
|
url_download_metadata == o.url_download_metadata &&
|
|
867
|
+
url_issuer == o.url_issuer &&
|
|
868
|
+
url_unified == o.url_unified &&
|
|
869
|
+
url_unified_init == o.url_unified_init &&
|
|
780
870
|
url_sso_post == o.url_sso_post &&
|
|
781
871
|
url_sso_redirect == o.url_sso_redirect &&
|
|
782
872
|
url_sso_init == o.url_sso_init &&
|
|
@@ -793,7 +883,7 @@ module Authentik::Api
|
|
|
793
883
|
# Calculates hash code according to all attributes.
|
|
794
884
|
# @return [Integer] Hash code
|
|
795
885
|
def hash
|
|
796
|
-
[pk, name, authentication_flow, authorization_flow, invalidation_flow, property_mappings, component, assigned_application_slug, assigned_application_name, assigned_backchannel_application_slug, assigned_backchannel_application_name, verbose_name, verbose_name_plural, meta_model_name, acs_url, sls_url, audience,
|
|
886
|
+
[pk, name, authentication_flow, authorization_flow, invalidation_flow, property_mappings, component, assigned_application_slug, assigned_application_name, assigned_backchannel_application_slug, assigned_backchannel_application_name, verbose_name, verbose_name_plural, meta_model_name, acs_url, sls_url, audience, issuer_override, assertion_valid_not_before, assertion_valid_not_on_or_after, session_valid_not_on_or_after, name_id_mapping, authn_context_class_ref_mapping, digest_algorithm, signature_algorithm, signing_kp, verification_kp, encryption_kp, sign_assertion, sign_response, sign_logout_request, sign_logout_response, sp_binding, sls_binding, logout_method, default_relay_state, default_name_id_policy, url_download_metadata, url_issuer, url_unified, url_unified_init, url_sso_post, url_sso_redirect, url_sso_init, url_slo_post, url_slo_redirect].hash
|
|
797
887
|
end
|
|
798
888
|
|
|
799
889
|
# Builds the object from hash
|
|
@@ -31,8 +31,8 @@ module Authentik::Api
|
|
|
31
31
|
# Value of the audience restriction field of the assertion. When left empty, no audience restriction will be added.
|
|
32
32
|
attr_accessor :audience
|
|
33
33
|
|
|
34
|
-
# Also known as EntityID
|
|
35
|
-
attr_accessor :
|
|
34
|
+
# Also known as EntityID. Providing a value overrides the default issuer generated by authentik.
|
|
35
|
+
attr_accessor :issuer_override
|
|
36
36
|
|
|
37
37
|
# Assertion valid not before current time + this value (Format: hours=-1;minutes=-2;seconds=-3).
|
|
38
38
|
attr_accessor :assertion_valid_not_before
|
|
@@ -68,6 +68,8 @@ module Authentik::Api
|
|
|
68
68
|
|
|
69
69
|
attr_accessor :sign_logout_request
|
|
70
70
|
|
|
71
|
+
attr_accessor :sign_logout_response
|
|
72
|
+
|
|
71
73
|
# This determines how authentik sends the response back to the Service Provider.
|
|
72
74
|
attr_accessor :sp_binding
|
|
73
75
|
|
|
@@ -115,7 +117,7 @@ module Authentik::Api
|
|
|
115
117
|
:'acs_url' => :'acs_url',
|
|
116
118
|
:'sls_url' => :'sls_url',
|
|
117
119
|
:'audience' => :'audience',
|
|
118
|
-
:'
|
|
120
|
+
:'issuer_override' => :'issuer_override',
|
|
119
121
|
:'assertion_valid_not_before' => :'assertion_valid_not_before',
|
|
120
122
|
:'assertion_valid_not_on_or_after' => :'assertion_valid_not_on_or_after',
|
|
121
123
|
:'session_valid_not_on_or_after' => :'session_valid_not_on_or_after',
|
|
@@ -129,6 +131,7 @@ module Authentik::Api
|
|
|
129
131
|
:'sign_assertion' => :'sign_assertion',
|
|
130
132
|
:'sign_response' => :'sign_response',
|
|
131
133
|
:'sign_logout_request' => :'sign_logout_request',
|
|
134
|
+
:'sign_logout_response' => :'sign_logout_response',
|
|
132
135
|
:'sp_binding' => :'sp_binding',
|
|
133
136
|
:'sls_binding' => :'sls_binding',
|
|
134
137
|
:'logout_method' => :'logout_method',
|
|
@@ -158,7 +161,7 @@ module Authentik::Api
|
|
|
158
161
|
:'acs_url' => :'String',
|
|
159
162
|
:'sls_url' => :'String',
|
|
160
163
|
:'audience' => :'String',
|
|
161
|
-
:'
|
|
164
|
+
:'issuer_override' => :'String',
|
|
162
165
|
:'assertion_valid_not_before' => :'String',
|
|
163
166
|
:'assertion_valid_not_on_or_after' => :'String',
|
|
164
167
|
:'session_valid_not_on_or_after' => :'String',
|
|
@@ -172,6 +175,7 @@ module Authentik::Api
|
|
|
172
175
|
:'sign_assertion' => :'Boolean',
|
|
173
176
|
:'sign_response' => :'Boolean',
|
|
174
177
|
:'sign_logout_request' => :'Boolean',
|
|
178
|
+
:'sign_logout_response' => :'Boolean',
|
|
175
179
|
:'sp_binding' => :'SAMLBindingsEnum',
|
|
176
180
|
:'sls_binding' => :'SAMLBindingsEnum',
|
|
177
181
|
:'logout_method' => :'SAMLLogoutMethods',
|
|
@@ -250,8 +254,8 @@ module Authentik::Api
|
|
|
250
254
|
self.audience = attributes[:'audience']
|
|
251
255
|
end
|
|
252
256
|
|
|
253
|
-
if attributes.key?(:'
|
|
254
|
-
self.
|
|
257
|
+
if attributes.key?(:'issuer_override')
|
|
258
|
+
self.issuer_override = attributes[:'issuer_override']
|
|
255
259
|
end
|
|
256
260
|
|
|
257
261
|
if attributes.key?(:'assertion_valid_not_before')
|
|
@@ -306,6 +310,10 @@ module Authentik::Api
|
|
|
306
310
|
self.sign_logout_request = attributes[:'sign_logout_request']
|
|
307
311
|
end
|
|
308
312
|
|
|
313
|
+
if attributes.key?(:'sign_logout_response')
|
|
314
|
+
self.sign_logout_response = attributes[:'sign_logout_response']
|
|
315
|
+
end
|
|
316
|
+
|
|
309
317
|
if attributes.key?(:'sp_binding')
|
|
310
318
|
self.sp_binding = attributes[:'sp_binding']
|
|
311
319
|
end
|
|
@@ -356,10 +364,6 @@ module Authentik::Api
|
|
|
356
364
|
invalid_properties.push('invalid value for "acs_url", the character length must be greater than or equal to 1.')
|
|
357
365
|
end
|
|
358
366
|
|
|
359
|
-
if !@issuer.nil? && @issuer.to_s.length < 1
|
|
360
|
-
invalid_properties.push('invalid value for "issuer", the character length must be greater than or equal to 1.')
|
|
361
|
-
end
|
|
362
|
-
|
|
363
367
|
if !@assertion_valid_not_before.nil? && @assertion_valid_not_before.to_s.length < 1
|
|
364
368
|
invalid_properties.push('invalid value for "assertion_valid_not_before", the character length must be greater than or equal to 1.')
|
|
365
369
|
end
|
|
@@ -385,7 +389,6 @@ module Authentik::Api
|
|
|
385
389
|
return false if @invalidation_flow.nil?
|
|
386
390
|
return false if @acs_url.nil?
|
|
387
391
|
return false if @acs_url.to_s.length < 1
|
|
388
|
-
return false if !@issuer.nil? && @issuer.to_s.length < 1
|
|
389
392
|
return false if !@assertion_valid_not_before.nil? && @assertion_valid_not_before.to_s.length < 1
|
|
390
393
|
return false if !@assertion_valid_not_on_or_after.nil? && @assertion_valid_not_on_or_after.to_s.length < 1
|
|
391
394
|
return false if !@session_valid_not_on_or_after.nil? && @session_valid_not_on_or_after.to_s.length < 1
|
|
@@ -440,20 +443,6 @@ module Authentik::Api
|
|
|
440
443
|
@acs_url = acs_url
|
|
441
444
|
end
|
|
442
445
|
|
|
443
|
-
# Custom attribute writer method with validation
|
|
444
|
-
# @param [Object] issuer Value to be assigned
|
|
445
|
-
def issuer=(issuer)
|
|
446
|
-
if issuer.nil?
|
|
447
|
-
fail ArgumentError, 'issuer cannot be nil'
|
|
448
|
-
end
|
|
449
|
-
|
|
450
|
-
if issuer.to_s.length < 1
|
|
451
|
-
fail ArgumentError, 'invalid value for "issuer", the character length must be greater than or equal to 1.'
|
|
452
|
-
end
|
|
453
|
-
|
|
454
|
-
@issuer = issuer
|
|
455
|
-
end
|
|
456
|
-
|
|
457
446
|
# Custom attribute writer method with validation
|
|
458
447
|
# @param [Object] assertion_valid_not_before Value to be assigned
|
|
459
448
|
def assertion_valid_not_before=(assertion_valid_not_before)
|
|
@@ -509,7 +498,7 @@ module Authentik::Api
|
|
|
509
498
|
acs_url == o.acs_url &&
|
|
510
499
|
sls_url == o.sls_url &&
|
|
511
500
|
audience == o.audience &&
|
|
512
|
-
|
|
501
|
+
issuer_override == o.issuer_override &&
|
|
513
502
|
assertion_valid_not_before == o.assertion_valid_not_before &&
|
|
514
503
|
assertion_valid_not_on_or_after == o.assertion_valid_not_on_or_after &&
|
|
515
504
|
session_valid_not_on_or_after == o.session_valid_not_on_or_after &&
|
|
@@ -523,6 +512,7 @@ module Authentik::Api
|
|
|
523
512
|
sign_assertion == o.sign_assertion &&
|
|
524
513
|
sign_response == o.sign_response &&
|
|
525
514
|
sign_logout_request == o.sign_logout_request &&
|
|
515
|
+
sign_logout_response == o.sign_logout_response &&
|
|
526
516
|
sp_binding == o.sp_binding &&
|
|
527
517
|
sls_binding == o.sls_binding &&
|
|
528
518
|
logout_method == o.logout_method &&
|
|
@@ -539,7 +529,7 @@ module Authentik::Api
|
|
|
539
529
|
# Calculates hash code according to all attributes.
|
|
540
530
|
# @return [Integer] Hash code
|
|
541
531
|
def hash
|
|
542
|
-
[name, authentication_flow, authorization_flow, invalidation_flow, property_mappings, acs_url, sls_url, audience,
|
|
532
|
+
[name, authentication_flow, authorization_flow, invalidation_flow, property_mappings, acs_url, sls_url, audience, issuer_override, assertion_valid_not_before, assertion_valid_not_on_or_after, session_valid_not_on_or_after, name_id_mapping, authn_context_class_ref_mapping, digest_algorithm, signature_algorithm, signing_kp, verification_kp, encryption_kp, sign_assertion, sign_response, sign_logout_request, sign_logout_response, sp_binding, sls_binding, logout_method, default_relay_state, default_name_id_policy].hash
|
|
543
533
|
end
|
|
544
534
|
|
|
545
535
|
# Builds the object from hash
|
|
@@ -79,6 +79,9 @@ module Authentik::Api
|
|
|
79
79
|
# Allows authentication flows initiated by the IdP. This can be a security risk, as no validation of the request ID is done.
|
|
80
80
|
attr_accessor :allow_idp_initiated
|
|
81
81
|
|
|
82
|
+
# When enabled, the IdP will re-authenticate the user even if a session exists.
|
|
83
|
+
attr_accessor :force_authn
|
|
84
|
+
|
|
82
85
|
# NameID Policy sent to the IdP. Can be unset, in which case no Policy is sent.
|
|
83
86
|
attr_accessor :name_id_policy
|
|
84
87
|
|
|
@@ -155,6 +158,7 @@ module Authentik::Api
|
|
|
155
158
|
:'sso_url' => :'sso_url',
|
|
156
159
|
:'slo_url' => :'slo_url',
|
|
157
160
|
:'allow_idp_initiated' => :'allow_idp_initiated',
|
|
161
|
+
:'force_authn' => :'force_authn',
|
|
158
162
|
:'name_id_policy' => :'name_id_policy',
|
|
159
163
|
:'binding_type' => :'binding_type',
|
|
160
164
|
:'verification_kp' => :'verification_kp',
|
|
@@ -207,6 +211,7 @@ module Authentik::Api
|
|
|
207
211
|
:'sso_url' => :'String',
|
|
208
212
|
:'slo_url' => :'String',
|
|
209
213
|
:'allow_idp_initiated' => :'Boolean',
|
|
214
|
+
:'force_authn' => :'Boolean',
|
|
210
215
|
:'name_id_policy' => :'SAMLNameIDPolicyEnum',
|
|
211
216
|
:'binding_type' => :'BindingTypeEnum',
|
|
212
217
|
:'verification_kp' => :'String',
|
|
@@ -382,6 +387,10 @@ module Authentik::Api
|
|
|
382
387
|
self.allow_idp_initiated = attributes[:'allow_idp_initiated']
|
|
383
388
|
end
|
|
384
389
|
|
|
390
|
+
if attributes.key?(:'force_authn')
|
|
391
|
+
self.force_authn = attributes[:'force_authn']
|
|
392
|
+
end
|
|
393
|
+
|
|
385
394
|
if attributes.key?(:'name_id_policy')
|
|
386
395
|
self.name_id_policy = attributes[:'name_id_policy']
|
|
387
396
|
end
|
|
@@ -630,6 +639,7 @@ module Authentik::Api
|
|
|
630
639
|
sso_url == o.sso_url &&
|
|
631
640
|
slo_url == o.slo_url &&
|
|
632
641
|
allow_idp_initiated == o.allow_idp_initiated &&
|
|
642
|
+
force_authn == o.force_authn &&
|
|
633
643
|
name_id_policy == o.name_id_policy &&
|
|
634
644
|
binding_type == o.binding_type &&
|
|
635
645
|
verification_kp == o.verification_kp &&
|
|
@@ -651,7 +661,7 @@ module Authentik::Api
|
|
|
651
661
|
# Calculates hash code according to all attributes.
|
|
652
662
|
# @return [Integer] Hash code
|
|
653
663
|
def hash
|
|
654
|
-
[pk, name, slug, enabled, promoted, authentication_flow, enrollment_flow, user_property_mappings, group_property_mappings, component, verbose_name, verbose_name_plural, meta_model_name, policy_engine_mode, user_matching_mode, managed, user_path_template, icon, icon_url, icon_themed_urls, group_matching_mode, pre_authentication_flow, issuer, sso_url, slo_url, allow_idp_initiated, name_id_policy, binding_type, verification_kp, signing_kp, digest_algorithm, signature_algorithm, temporary_user_delete_after, encryption_kp, signed_assertion, signed_response].hash
|
|
664
|
+
[pk, name, slug, enabled, promoted, authentication_flow, enrollment_flow, user_property_mappings, group_property_mappings, component, verbose_name, verbose_name_plural, meta_model_name, policy_engine_mode, user_matching_mode, managed, user_path_template, icon, icon_url, icon_themed_urls, group_matching_mode, pre_authentication_flow, issuer, sso_url, slo_url, allow_idp_initiated, force_authn, name_id_policy, binding_type, verification_kp, signing_kp, digest_algorithm, signature_algorithm, temporary_user_delete_after, encryption_kp, signed_assertion, signed_response].hash
|
|
655
665
|
end
|
|
656
666
|
|
|
657
667
|
# Builds the object from hash
|
|
@@ -58,6 +58,9 @@ module Authentik::Api
|
|
|
58
58
|
# Allows authentication flows initiated by the IdP. This can be a security risk, as no validation of the request ID is done.
|
|
59
59
|
attr_accessor :allow_idp_initiated
|
|
60
60
|
|
|
61
|
+
# When enabled, the IdP will re-authenticate the user even if a session exists.
|
|
62
|
+
attr_accessor :force_authn
|
|
63
|
+
|
|
61
64
|
# NameID Policy sent to the IdP. Can be unset, in which case no Policy is sent.
|
|
62
65
|
attr_accessor :name_id_policy
|
|
63
66
|
|
|
@@ -126,6 +129,7 @@ module Authentik::Api
|
|
|
126
129
|
:'sso_url' => :'sso_url',
|
|
127
130
|
:'slo_url' => :'slo_url',
|
|
128
131
|
:'allow_idp_initiated' => :'allow_idp_initiated',
|
|
132
|
+
:'force_authn' => :'force_authn',
|
|
129
133
|
:'name_id_policy' => :'name_id_policy',
|
|
130
134
|
:'binding_type' => :'binding_type',
|
|
131
135
|
:'verification_kp' => :'verification_kp',
|
|
@@ -170,6 +174,7 @@ module Authentik::Api
|
|
|
170
174
|
:'sso_url' => :'String',
|
|
171
175
|
:'slo_url' => :'String',
|
|
172
176
|
:'allow_idp_initiated' => :'Boolean',
|
|
177
|
+
:'force_authn' => :'Boolean',
|
|
173
178
|
:'name_id_policy' => :'SAMLNameIDPolicyEnum',
|
|
174
179
|
:'binding_type' => :'BindingTypeEnum',
|
|
175
180
|
:'verification_kp' => :'String',
|
|
@@ -295,6 +300,10 @@ module Authentik::Api
|
|
|
295
300
|
self.allow_idp_initiated = attributes[:'allow_idp_initiated']
|
|
296
301
|
end
|
|
297
302
|
|
|
303
|
+
if attributes.key?(:'force_authn')
|
|
304
|
+
self.force_authn = attributes[:'force_authn']
|
|
305
|
+
end
|
|
306
|
+
|
|
298
307
|
if attributes.key?(:'name_id_policy')
|
|
299
308
|
self.name_id_policy = attributes[:'name_id_policy']
|
|
300
309
|
end
|
|
@@ -510,6 +519,7 @@ module Authentik::Api
|
|
|
510
519
|
sso_url == o.sso_url &&
|
|
511
520
|
slo_url == o.slo_url &&
|
|
512
521
|
allow_idp_initiated == o.allow_idp_initiated &&
|
|
522
|
+
force_authn == o.force_authn &&
|
|
513
523
|
name_id_policy == o.name_id_policy &&
|
|
514
524
|
binding_type == o.binding_type &&
|
|
515
525
|
verification_kp == o.verification_kp &&
|
|
@@ -531,7 +541,7 @@ module Authentik::Api
|
|
|
531
541
|
# Calculates hash code according to all attributes.
|
|
532
542
|
# @return [Integer] Hash code
|
|
533
543
|
def hash
|
|
534
|
-
[name, slug, enabled, promoted, authentication_flow, enrollment_flow, user_property_mappings, group_property_mappings, policy_engine_mode, user_matching_mode, user_path_template, icon, group_matching_mode, pre_authentication_flow, issuer, sso_url, slo_url, allow_idp_initiated, name_id_policy, binding_type, verification_kp, signing_kp, digest_algorithm, signature_algorithm, temporary_user_delete_after, encryption_kp, signed_assertion, signed_response].hash
|
|
544
|
+
[name, slug, enabled, promoted, authentication_flow, enrollment_flow, user_property_mappings, group_property_mappings, policy_engine_mode, user_matching_mode, user_path_template, icon, group_matching_mode, pre_authentication_flow, issuer, sso_url, slo_url, allow_idp_initiated, force_authn, name_id_policy, binding_type, verification_kp, signing_kp, digest_algorithm, signature_algorithm, temporary_user_delete_after, encryption_kp, signed_assertion, signed_response].hash
|
|
535
545
|
end
|
|
536
546
|
|
|
537
547
|
# Builds the object from hash
|
|
@@ -33,10 +33,14 @@ module Authentik::Api
|
|
|
33
33
|
|
|
34
34
|
attr_accessor :oidc_auth_providers
|
|
35
35
|
|
|
36
|
+
attr_accessor :oidc_auth_providers_obj
|
|
37
|
+
|
|
36
38
|
attr_accessor :ssf_url
|
|
37
39
|
|
|
38
40
|
attr_accessor :event_retention
|
|
39
41
|
|
|
42
|
+
attr_accessor :push_verify_certificates
|
|
43
|
+
|
|
40
44
|
# Attribute mapping from ruby-style variable name to JSON key.
|
|
41
45
|
def self.attribute_map
|
|
42
46
|
{
|
|
@@ -49,8 +53,10 @@ module Authentik::Api
|
|
|
49
53
|
:'signing_key' => :'signing_key',
|
|
50
54
|
:'token_obj' => :'token_obj',
|
|
51
55
|
:'oidc_auth_providers' => :'oidc_auth_providers',
|
|
56
|
+
:'oidc_auth_providers_obj' => :'oidc_auth_providers_obj',
|
|
52
57
|
:'ssf_url' => :'ssf_url',
|
|
53
|
-
:'event_retention' => :'event_retention'
|
|
58
|
+
:'event_retention' => :'event_retention',
|
|
59
|
+
:'push_verify_certificates' => :'push_verify_certificates'
|
|
54
60
|
}
|
|
55
61
|
end
|
|
56
62
|
|
|
@@ -76,8 +82,10 @@ module Authentik::Api
|
|
|
76
82
|
:'signing_key' => :'String',
|
|
77
83
|
:'token_obj' => :'Token',
|
|
78
84
|
:'oidc_auth_providers' => :'Array<Integer>',
|
|
85
|
+
:'oidc_auth_providers_obj' => :'Array<Provider>',
|
|
79
86
|
:'ssf_url' => :'String',
|
|
80
|
-
:'event_retention' => :'String'
|
|
87
|
+
:'event_retention' => :'String',
|
|
88
|
+
:'push_verify_certificates' => :'Boolean'
|
|
81
89
|
}
|
|
82
90
|
end
|
|
83
91
|
|
|
@@ -158,6 +166,14 @@ module Authentik::Api
|
|
|
158
166
|
end
|
|
159
167
|
end
|
|
160
168
|
|
|
169
|
+
if attributes.key?(:'oidc_auth_providers_obj')
|
|
170
|
+
if (value = attributes[:'oidc_auth_providers_obj']).is_a?(Array)
|
|
171
|
+
self.oidc_auth_providers_obj = value
|
|
172
|
+
end
|
|
173
|
+
else
|
|
174
|
+
self.oidc_auth_providers_obj = nil
|
|
175
|
+
end
|
|
176
|
+
|
|
161
177
|
if attributes.key?(:'ssf_url')
|
|
162
178
|
self.ssf_url = attributes[:'ssf_url']
|
|
163
179
|
else
|
|
@@ -167,6 +183,10 @@ module Authentik::Api
|
|
|
167
183
|
if attributes.key?(:'event_retention')
|
|
168
184
|
self.event_retention = attributes[:'event_retention']
|
|
169
185
|
end
|
|
186
|
+
|
|
187
|
+
if attributes.key?(:'push_verify_certificates')
|
|
188
|
+
self.push_verify_certificates = attributes[:'push_verify_certificates']
|
|
189
|
+
end
|
|
170
190
|
end
|
|
171
191
|
|
|
172
192
|
# Show invalid properties with the reasons. Usually used together with valid?
|
|
@@ -206,6 +226,10 @@ module Authentik::Api
|
|
|
206
226
|
invalid_properties.push('invalid value for "token_obj", token_obj cannot be nil.')
|
|
207
227
|
end
|
|
208
228
|
|
|
229
|
+
if @oidc_auth_providers_obj.nil?
|
|
230
|
+
invalid_properties.push('invalid value for "oidc_auth_providers_obj", oidc_auth_providers_obj cannot be nil.')
|
|
231
|
+
end
|
|
232
|
+
|
|
209
233
|
invalid_properties
|
|
210
234
|
end
|
|
211
235
|
|
|
@@ -221,6 +245,7 @@ module Authentik::Api
|
|
|
221
245
|
return false if @meta_model_name.nil?
|
|
222
246
|
return false if @signing_key.nil?
|
|
223
247
|
return false if @token_obj.nil?
|
|
248
|
+
return false if @oidc_auth_providers_obj.nil?
|
|
224
249
|
true
|
|
225
250
|
end
|
|
226
251
|
|
|
@@ -304,6 +329,16 @@ module Authentik::Api
|
|
|
304
329
|
@token_obj = token_obj
|
|
305
330
|
end
|
|
306
331
|
|
|
332
|
+
# Custom attribute writer method with validation
|
|
333
|
+
# @param [Object] oidc_auth_providers_obj Value to be assigned
|
|
334
|
+
def oidc_auth_providers_obj=(oidc_auth_providers_obj)
|
|
335
|
+
if oidc_auth_providers_obj.nil?
|
|
336
|
+
fail ArgumentError, 'oidc_auth_providers_obj cannot be nil'
|
|
337
|
+
end
|
|
338
|
+
|
|
339
|
+
@oidc_auth_providers_obj = oidc_auth_providers_obj
|
|
340
|
+
end
|
|
341
|
+
|
|
307
342
|
# Checks equality by comparing each attribute.
|
|
308
343
|
# @param [Object] Object to be compared
|
|
309
344
|
def ==(o)
|
|
@@ -318,8 +353,10 @@ module Authentik::Api
|
|
|
318
353
|
signing_key == o.signing_key &&
|
|
319
354
|
token_obj == o.token_obj &&
|
|
320
355
|
oidc_auth_providers == o.oidc_auth_providers &&
|
|
356
|
+
oidc_auth_providers_obj == o.oidc_auth_providers_obj &&
|
|
321
357
|
ssf_url == o.ssf_url &&
|
|
322
|
-
event_retention == o.event_retention
|
|
358
|
+
event_retention == o.event_retention &&
|
|
359
|
+
push_verify_certificates == o.push_verify_certificates
|
|
323
360
|
end
|
|
324
361
|
|
|
325
362
|
# @see the `==` method
|
|
@@ -331,7 +368,7 @@ module Authentik::Api
|
|
|
331
368
|
# Calculates hash code according to all attributes.
|
|
332
369
|
# @return [Integer] Hash code
|
|
333
370
|
def hash
|
|
334
|
-
[pk, name, component, verbose_name, verbose_name_plural, meta_model_name, signing_key, token_obj, oidc_auth_providers, ssf_url, event_retention].hash
|
|
371
|
+
[pk, name, component, verbose_name, verbose_name_plural, meta_model_name, signing_key, token_obj, oidc_auth_providers, oidc_auth_providers_obj, ssf_url, event_retention, push_verify_certificates].hash
|
|
335
372
|
end
|
|
336
373
|
|
|
337
374
|
# Builds the object from hash
|
|
@@ -19,13 +19,16 @@ module Authentik::Api
|
|
|
19
19
|
|
|
20
20
|
attr_accessor :event_retention
|
|
21
21
|
|
|
22
|
+
attr_accessor :push_verify_certificates
|
|
23
|
+
|
|
22
24
|
# Attribute mapping from ruby-style variable name to JSON key.
|
|
23
25
|
def self.attribute_map
|
|
24
26
|
{
|
|
25
27
|
:'name' => :'name',
|
|
26
28
|
:'signing_key' => :'signing_key',
|
|
27
29
|
:'oidc_auth_providers' => :'oidc_auth_providers',
|
|
28
|
-
:'event_retention' => :'event_retention'
|
|
30
|
+
:'event_retention' => :'event_retention',
|
|
31
|
+
:'push_verify_certificates' => :'push_verify_certificates'
|
|
29
32
|
}
|
|
30
33
|
end
|
|
31
34
|
|
|
@@ -45,7 +48,8 @@ module Authentik::Api
|
|
|
45
48
|
:'name' => :'String',
|
|
46
49
|
:'signing_key' => :'String',
|
|
47
50
|
:'oidc_auth_providers' => :'Array<Integer>',
|
|
48
|
-
:'event_retention' => :'String'
|
|
51
|
+
:'event_retention' => :'String',
|
|
52
|
+
:'push_verify_certificates' => :'Boolean'
|
|
49
53
|
}
|
|
50
54
|
end
|
|
51
55
|
|
|
@@ -92,6 +96,10 @@ module Authentik::Api
|
|
|
92
96
|
if attributes.key?(:'event_retention')
|
|
93
97
|
self.event_retention = attributes[:'event_retention']
|
|
94
98
|
end
|
|
99
|
+
|
|
100
|
+
if attributes.key?(:'push_verify_certificates')
|
|
101
|
+
self.push_verify_certificates = attributes[:'push_verify_certificates']
|
|
102
|
+
end
|
|
95
103
|
end
|
|
96
104
|
|
|
97
105
|
# Show invalid properties with the reasons. Usually used together with valid?
|
|
@@ -175,7 +183,8 @@ module Authentik::Api
|
|
|
175
183
|
name == o.name &&
|
|
176
184
|
signing_key == o.signing_key &&
|
|
177
185
|
oidc_auth_providers == o.oidc_auth_providers &&
|
|
178
|
-
event_retention == o.event_retention
|
|
186
|
+
event_retention == o.event_retention &&
|
|
187
|
+
push_verify_certificates == o.push_verify_certificates
|
|
179
188
|
end
|
|
180
189
|
|
|
181
190
|
# @see the `==` method
|
|
@@ -187,7 +196,7 @@ module Authentik::Api
|
|
|
187
196
|
# Calculates hash code according to all attributes.
|
|
188
197
|
# @return [Integer] Hash code
|
|
189
198
|
def hash
|
|
190
|
-
[name, signing_key, oidc_auth_providers, event_retention].hash
|
|
199
|
+
[name, signing_key, oidc_auth_providers, event_retention, push_verify_certificates].hash
|
|
191
200
|
end
|
|
192
201
|
|
|
193
202
|
# Builds the object from hash
|