authentik.api.v3.config
core Configs API
1"""core Configs API""" 2 3from django.conf import settings 4from django.db import models 5from django.dispatch import Signal 6from django.http import HttpRequest 7from drf_spectacular.utils import extend_schema 8from rest_framework.fields import ( 9 BooleanField, 10 CharField, 11 ChoiceField, 12 FloatField, 13 IntegerField, 14 ListField, 15) 16from rest_framework.permissions import AllowAny 17from rest_framework.request import Request 18from rest_framework.response import Response 19from rest_framework.views import APIView 20 21from authentik.admin.files.manager import get_file_manager 22from authentik.admin.files.usage import FileUsage 23from authentik.core.api.utils import PassiveSerializer 24from authentik.events.context_processors.base import get_context_processors 25from authentik.lib.config import CONFIG 26 27capabilities = Signal() 28 29 30class Capabilities(models.TextChoices): 31 """Define capabilities which influence which APIs can/should be used""" 32 33 CAN_SAVE_MEDIA = "can_save_media" 34 CAN_SAVE_REPORTS = "can_save_reports" 35 CAN_GEO_IP = "can_geo_ip" 36 CAN_ASN = "can_asn" 37 CAN_IMPERSONATE = "can_impersonate" 38 CAN_DEBUG = "can_debug" 39 IS_ENTERPRISE = "is_enterprise" 40 41 42class ErrorReportingConfigSerializer(PassiveSerializer): 43 """Config for error reporting""" 44 45 enabled = BooleanField(read_only=True) 46 sentry_dsn = CharField(read_only=True) 47 environment = CharField(read_only=True) 48 send_pii = BooleanField(read_only=True) 49 traces_sample_rate = FloatField(read_only=True) 50 51 52class ConfigSerializer(PassiveSerializer): 53 """Serialize authentik Config into DRF Object""" 54 55 error_reporting = ErrorReportingConfigSerializer(required=True) 56 capabilities = ListField(child=ChoiceField(choices=Capabilities.choices)) 57 58 cache_timeout = IntegerField(required=True) 59 cache_timeout_flows = IntegerField(required=True) 60 cache_timeout_policies = IntegerField(required=True) 61 62 63class ConfigView(APIView): 64 """Read-only view set that returns the current session's Configs""" 65 66 permission_classes = [AllowAny] 67 68 @staticmethod 69 def get_capabilities(request: HttpRequest) -> list[Capabilities]: 70 """Get all capabilities this server instance supports""" 71 caps = [] 72 if get_file_manager(FileUsage.MEDIA).manageable: 73 caps.append(Capabilities.CAN_SAVE_MEDIA) 74 if get_file_manager(FileUsage.REPORTS).manageable: 75 caps.append(Capabilities.CAN_SAVE_REPORTS) 76 for processor in get_context_processors(): 77 if cap := processor.capability(): 78 caps.append(cap) 79 if request.tenant.impersonation: 80 caps.append(Capabilities.CAN_IMPERSONATE) 81 if settings.DEBUG: # pragma: no cover 82 caps.append(Capabilities.CAN_DEBUG) 83 if "authentik.enterprise" in settings.INSTALLED_APPS: 84 caps.append(Capabilities.IS_ENTERPRISE) 85 for _, result in capabilities.send(sender=ConfigView): 86 if result: 87 caps.append(result) 88 return caps 89 90 @staticmethod 91 def get_config(request: HttpRequest) -> ConfigSerializer: 92 """Get Config""" 93 return ConfigSerializer( 94 { 95 "error_reporting": { 96 "enabled": CONFIG.get("error_reporting.enabled"), 97 "sentry_dsn": CONFIG.get("error_reporting.sentry_dsn"), 98 "environment": CONFIG.get("error_reporting.environment"), 99 "send_pii": CONFIG.get("error_reporting.send_pii"), 100 "traces_sample_rate": float(CONFIG.get("error_reporting.sample_rate", 0.4)), 101 }, 102 "capabilities": ConfigView.get_capabilities(request), 103 "cache_timeout": CONFIG.get_int("cache.timeout"), 104 "cache_timeout_flows": CONFIG.get_int("cache.timeout_flows"), 105 "cache_timeout_policies": CONFIG.get_int("cache.timeout_policies"), 106 } 107 ) 108 109 @extend_schema(responses={200: ConfigSerializer(many=False)}) 110 def get(self, request: Request) -> Response: 111 """Retrieve public configuration options""" 112 return Response(ConfigView.get_config(request).data)
capabilities =
<django.dispatch.dispatcher.Signal object>
class
Capabilities(django.db.models.enums.TextChoices):
31class Capabilities(models.TextChoices): 32 """Define capabilities which influence which APIs can/should be used""" 33 34 CAN_SAVE_MEDIA = "can_save_media" 35 CAN_SAVE_REPORTS = "can_save_reports" 36 CAN_GEO_IP = "can_geo_ip" 37 CAN_ASN = "can_asn" 38 CAN_IMPERSONATE = "can_impersonate" 39 CAN_DEBUG = "can_debug" 40 IS_ENTERPRISE = "is_enterprise"
Define capabilities which influence which APIs can/should be used
CAN_SAVE_MEDIA =
Capabilities.CAN_SAVE_MEDIA
CAN_SAVE_REPORTS =
Capabilities.CAN_SAVE_REPORTS
CAN_GEO_IP =
Capabilities.CAN_GEO_IP
CAN_ASN =
Capabilities.CAN_ASN
CAN_IMPERSONATE =
Capabilities.CAN_IMPERSONATE
CAN_DEBUG =
Capabilities.CAN_DEBUG
IS_ENTERPRISE =
Capabilities.IS_ENTERPRISE
43class ErrorReportingConfigSerializer(PassiveSerializer): 44 """Config for error reporting""" 45 46 enabled = BooleanField(read_only=True) 47 sentry_dsn = CharField(read_only=True) 48 environment = CharField(read_only=True) 49 send_pii = BooleanField(read_only=True) 50 traces_sample_rate = FloatField(read_only=True)
Config for error reporting
Inherited Members
53class ConfigSerializer(PassiveSerializer): 54 """Serialize authentik Config into DRF Object""" 55 56 error_reporting = ErrorReportingConfigSerializer(required=True) 57 capabilities = ListField(child=ChoiceField(choices=Capabilities.choices)) 58 59 cache_timeout = IntegerField(required=True) 60 cache_timeout_flows = IntegerField(required=True) 61 cache_timeout_policies = IntegerField(required=True)
Serialize authentik Config into DRF Object
Inherited Members
class
ConfigView(rest_framework.views.APIView):
64class ConfigView(APIView): 65 """Read-only view set that returns the current session's Configs""" 66 67 permission_classes = [AllowAny] 68 69 @staticmethod 70 def get_capabilities(request: HttpRequest) -> list[Capabilities]: 71 """Get all capabilities this server instance supports""" 72 caps = [] 73 if get_file_manager(FileUsage.MEDIA).manageable: 74 caps.append(Capabilities.CAN_SAVE_MEDIA) 75 if get_file_manager(FileUsage.REPORTS).manageable: 76 caps.append(Capabilities.CAN_SAVE_REPORTS) 77 for processor in get_context_processors(): 78 if cap := processor.capability(): 79 caps.append(cap) 80 if request.tenant.impersonation: 81 caps.append(Capabilities.CAN_IMPERSONATE) 82 if settings.DEBUG: # pragma: no cover 83 caps.append(Capabilities.CAN_DEBUG) 84 if "authentik.enterprise" in settings.INSTALLED_APPS: 85 caps.append(Capabilities.IS_ENTERPRISE) 86 for _, result in capabilities.send(sender=ConfigView): 87 if result: 88 caps.append(result) 89 return caps 90 91 @staticmethod 92 def get_config(request: HttpRequest) -> ConfigSerializer: 93 """Get Config""" 94 return ConfigSerializer( 95 { 96 "error_reporting": { 97 "enabled": CONFIG.get("error_reporting.enabled"), 98 "sentry_dsn": CONFIG.get("error_reporting.sentry_dsn"), 99 "environment": CONFIG.get("error_reporting.environment"), 100 "send_pii": CONFIG.get("error_reporting.send_pii"), 101 "traces_sample_rate": float(CONFIG.get("error_reporting.sample_rate", 0.4)), 102 }, 103 "capabilities": ConfigView.get_capabilities(request), 104 "cache_timeout": CONFIG.get_int("cache.timeout"), 105 "cache_timeout_flows": CONFIG.get_int("cache.timeout_flows"), 106 "cache_timeout_policies": CONFIG.get_int("cache.timeout_policies"), 107 } 108 ) 109 110 @extend_schema(responses={200: ConfigSerializer(many=False)}) 111 def get(self, request: Request) -> Response: 112 """Retrieve public configuration options""" 113 return Response(ConfigView.get_config(request).data)
Read-only view set that returns the current session's Configs
@staticmethod
def
get_capabilities( request: django.http.request.HttpRequest) -> list[Capabilities]:
69 @staticmethod 70 def get_capabilities(request: HttpRequest) -> list[Capabilities]: 71 """Get all capabilities this server instance supports""" 72 caps = [] 73 if get_file_manager(FileUsage.MEDIA).manageable: 74 caps.append(Capabilities.CAN_SAVE_MEDIA) 75 if get_file_manager(FileUsage.REPORTS).manageable: 76 caps.append(Capabilities.CAN_SAVE_REPORTS) 77 for processor in get_context_processors(): 78 if cap := processor.capability(): 79 caps.append(cap) 80 if request.tenant.impersonation: 81 caps.append(Capabilities.CAN_IMPERSONATE) 82 if settings.DEBUG: # pragma: no cover 83 caps.append(Capabilities.CAN_DEBUG) 84 if "authentik.enterprise" in settings.INSTALLED_APPS: 85 caps.append(Capabilities.IS_ENTERPRISE) 86 for _, result in capabilities.send(sender=ConfigView): 87 if result: 88 caps.append(result) 89 return caps
Get all capabilities this server instance supports
91 @staticmethod 92 def get_config(request: HttpRequest) -> ConfigSerializer: 93 """Get Config""" 94 return ConfigSerializer( 95 { 96 "error_reporting": { 97 "enabled": CONFIG.get("error_reporting.enabled"), 98 "sentry_dsn": CONFIG.get("error_reporting.sentry_dsn"), 99 "environment": CONFIG.get("error_reporting.environment"), 100 "send_pii": CONFIG.get("error_reporting.send_pii"), 101 "traces_sample_rate": float(CONFIG.get("error_reporting.sample_rate", 0.4)), 102 }, 103 "capabilities": ConfigView.get_capabilities(request), 104 "cache_timeout": CONFIG.get_int("cache.timeout"), 105 "cache_timeout_flows": CONFIG.get_int("cache.timeout_flows"), 106 "cache_timeout_policies": CONFIG.get_int("cache.timeout_policies"), 107 } 108 )
Get Config
@extend_schema(responses={200: ConfigSerializer(many=False)})
def
get( self, request: rest_framework.request.Request) -> rest_framework.response.Response:
110 @extend_schema(responses={200: ConfigSerializer(many=False)}) 111 def get(self, request: Request) -> Response: 112 """Retrieve public configuration options""" 113 return Response(ConfigView.get_config(request).data)
Retrieve public configuration options