authentik.enterprise.endpoints.connectors.google_chrome.views.dtc
1from typing import Any 2 3from django.http import HttpRequest, HttpResponse, HttpResponseBadRequest 4from django.template.response import TemplateResponse 5from django.utils.decorators import method_decorator 6from django.views import View 7from django.views.decorators.clickjacking import xframe_options_sameorigin 8 9from authentik.endpoints.models import EndpointStage 10from authentik.enterprise.endpoints.connectors.google_chrome.controller import ( 11 HEADER_ACCESS_CHALLENGE_RESPONSE, 12 HEADER_DEVICE_TRUST, 13 GoogleChromeController, 14) 15from authentik.enterprise.endpoints.connectors.google_chrome.models import GoogleChromeConnector 16from authentik.flows.planner import PLAN_CONTEXT_DEVICE, FlowPlan 17from authentik.flows.views.executor import SESSION_KEY_PLAN 18 19 20@method_decorator(xframe_options_sameorigin, name="dispatch") 21class GoogleChromeDeviceTrustConnector(View): 22 """Google Chrome Device-trust connector based endpoint authenticator""" 23 24 def get_flow_plan(self) -> FlowPlan: 25 flow_plan: FlowPlan = self.request.session[SESSION_KEY_PLAN] 26 return flow_plan 27 28 def setup(self, request: HttpRequest, *args: Any, **kwargs: Any) -> None: 29 super().setup(request, *args, **kwargs) 30 stage: EndpointStage = self.get_flow_plan().bindings[0].stage 31 connector = GoogleChromeConnector.objects.filter(pk=stage.connector_id).first() 32 if not connector: 33 return HttpResponseBadRequest() 34 self.controller: GoogleChromeController = connector.controller(connector) 35 36 def get(self, request: HttpRequest) -> HttpResponse: 37 x_device_trust = request.headers.get(HEADER_DEVICE_TRUST) 38 x_access_challenge_response = request.headers.get(HEADER_ACCESS_CHALLENGE_RESPONSE) 39 if x_device_trust == "VerifiedAccess" and x_access_challenge_response is None: 40 return self.controller.generate_challenge(request) 41 if x_access_challenge_response: 42 device = self.controller.validate_challenge(x_access_challenge_response) 43 flow_plan = self.get_flow_plan() 44 flow_plan.context[PLAN_CONTEXT_DEVICE] = device 45 self.request.session[SESSION_KEY_PLAN] = flow_plan 46 return TemplateResponse(request, "flows/frame-submit.html")
@method_decorator(xframe_options_sameorigin, name='dispatch')
class
GoogleChromeDeviceTrustConnector21@method_decorator(xframe_options_sameorigin, name="dispatch") 22class GoogleChromeDeviceTrustConnector(View): 23 """Google Chrome Device-trust connector based endpoint authenticator""" 24 25 def get_flow_plan(self) -> FlowPlan: 26 flow_plan: FlowPlan = self.request.session[SESSION_KEY_PLAN] 27 return flow_plan 28 29 def setup(self, request: HttpRequest, *args: Any, **kwargs: Any) -> None: 30 super().setup(request, *args, **kwargs) 31 stage: EndpointStage = self.get_flow_plan().bindings[0].stage 32 connector = GoogleChromeConnector.objects.filter(pk=stage.connector_id).first() 33 if not connector: 34 return HttpResponseBadRequest() 35 self.controller: GoogleChromeController = connector.controller(connector) 36 37 def get(self, request: HttpRequest) -> HttpResponse: 38 x_device_trust = request.headers.get(HEADER_DEVICE_TRUST) 39 x_access_challenge_response = request.headers.get(HEADER_ACCESS_CHALLENGE_RESPONSE) 40 if x_device_trust == "VerifiedAccess" and x_access_challenge_response is None: 41 return self.controller.generate_challenge(request) 42 if x_access_challenge_response: 43 device = self.controller.validate_challenge(x_access_challenge_response) 44 flow_plan = self.get_flow_plan() 45 flow_plan.context[PLAN_CONTEXT_DEVICE] = device 46 self.request.session[SESSION_KEY_PLAN] = flow_plan 47 return TemplateResponse(request, "flows/frame-submit.html")
Google Chrome Device-trust connector based endpoint authenticator
def
setup( self, request: django.http.request.HttpRequest, *args: Any, **kwargs: Any) -> None:
29 def setup(self, request: HttpRequest, *args: Any, **kwargs: Any) -> None: 30 super().setup(request, *args, **kwargs) 31 stage: EndpointStage = self.get_flow_plan().bindings[0].stage 32 connector = GoogleChromeConnector.objects.filter(pk=stage.connector_id).first() 33 if not connector: 34 return HttpResponseBadRequest() 35 self.controller: GoogleChromeController = connector.controller(connector)
Initialize attributes shared by all view methods.
def
get( self, request: django.http.request.HttpRequest) -> django.http.response.HttpResponse:
37 def get(self, request: HttpRequest) -> HttpResponse: 38 x_device_trust = request.headers.get(HEADER_DEVICE_TRUST) 39 x_access_challenge_response = request.headers.get(HEADER_ACCESS_CHALLENGE_RESPONSE) 40 if x_device_trust == "VerifiedAccess" and x_access_challenge_response is None: 41 return self.controller.generate_challenge(request) 42 if x_access_challenge_response: 43 device = self.controller.validate_challenge(x_access_challenge_response) 44 flow_plan = self.get_flow_plan() 45 flow_plan.context[PLAN_CONTEXT_DEVICE] = device 46 self.request.session[SESSION_KEY_PLAN] = flow_plan 47 return TemplateResponse(request, "flows/frame-submit.html")
def
dispatch(self, request, *args, **kwargs):
135 def dispatch(self, request, *args, **kwargs): 136 # Try to dispatch to the right method; if a method doesn't exist, 137 # defer to the error handler. Also defer to the error handler if the 138 # request method isn't on the approved list. 139 if request.method.lower() in self.http_method_names: 140 handler = getattr( 141 self, request.method.lower(), self.http_method_not_allowed 142 ) 143 else: 144 handler = self.http_method_not_allowed 145 return handler(request, *args, **kwargs)