authentik.providers.saml.migrations.0020_samlprovider_logout_method_and_more
1# Generated by Django 5.1.12 on 2025-10-02 10:57 2 3import authentik.lib.models 4import django.db.models.deletion 5import uuid 6from django.conf import settings 7from django.db import migrations, models 8 9 10class Migration(migrations.Migration): 11 12 dependencies = [ 13 ("authentik_core", "0051_group_authentik_c_is_supe_1e5a97_idx"), 14 ("authentik_providers_saml", "0019_samlprovider_default_name_id_policy"), 15 migrations.swappable_dependency(settings.AUTH_USER_MODEL), 16 ] 17 18 operations = [ 19 migrations.AddField( 20 model_name="samlprovider", 21 name="logout_method", 22 field=models.TextField( 23 choices=[ 24 ("frontchannel_iframe", "Frontchannel Iframe"), 25 ("frontchannel_native", "Frontchannel Native"), 26 ("backchannel", "Backchannel"), 27 ], 28 default="frontchannel_iframe", 29 help_text="Method to use for logout. Front-channel iframe loads all logout URLs simultaneously in hidden iframes. Front-channel native uses your active browser tab to send post requests and redirect to providers. Back-channel sends logout requests directly from the server without user interaction (requires POST SLS binding).", 30 ), 31 ), 32 migrations.AddField( 33 model_name="samlprovider", 34 name="sign_logout_request", 35 field=models.BooleanField(default=False), 36 ), 37 migrations.AddField( 38 model_name="samlprovider", 39 name="sls_binding", 40 field=models.TextField( 41 choices=[("redirect", "Redirect"), ("post", "Post")], 42 default="redirect", 43 help_text="This determines how authentik sends the logout response back to the Service Provider.", 44 verbose_name="SLS Binding", 45 ), 46 ), 47 migrations.AddField( 48 model_name="samlprovider", 49 name="sls_url", 50 field=models.TextField( 51 blank=True, 52 help_text="Single Logout Service URL where the logout response should be sent.", 53 validators=[authentik.lib.models.DomainlessURLValidator(schemes=("http", "https"))], 54 verbose_name="SLS URL", 55 ), 56 ), 57 migrations.CreateModel( 58 name="SAMLSession", 59 fields=[ 60 ("expires", models.DateTimeField(default=None, null=True)), 61 ("expiring", models.BooleanField(default=True)), 62 ( 63 "saml_session_id", 64 models.UUIDField(default=uuid.uuid4, primary_key=True, serialize=False), 65 ), 66 ("session_index", models.TextField(help_text="SAML SessionIndex for this session")), 67 ("name_id", models.TextField(help_text="SAML NameID value for this session")), 68 ( 69 "name_id_format", 70 models.TextField(blank=True, default="", help_text="SAML NameID format"), 71 ), 72 ("created", models.DateTimeField(auto_now_add=True)), 73 ( 74 "provider", 75 models.ForeignKey( 76 on_delete=django.db.models.deletion.CASCADE, 77 to="authentik_providers_saml.samlprovider", 78 ), 79 ), 80 ( 81 "session", 82 models.ForeignKey( 83 help_text="Link to the user's authenticated session", 84 on_delete=django.db.models.deletion.CASCADE, 85 to="authentik_core.authenticatedsession", 86 ), 87 ), 88 ( 89 "user", 90 models.ForeignKey( 91 on_delete=django.db.models.deletion.CASCADE, 92 to=settings.AUTH_USER_MODEL, 93 verbose_name="User", 94 ), 95 ), 96 ], 97 options={ 98 "verbose_name": "SAML Session", 99 "verbose_name_plural": "SAML Sessions", 100 "indexes": [ 101 models.Index(fields=["session_index"], name="authentik_p_session_662109_idx"), 102 models.Index( 103 fields=["provider", "user"], name="authentik_p_provide_92c2e4_idx" 104 ), 105 models.Index(fields=["session"], name="authentik_p_session_5f125f_idx"), 106 ], 107 "unique_together": {("session_index", "provider")}, 108 }, 109 ), 110 ]
class
Migration(django.db.migrations.migration.Migration):
11class Migration(migrations.Migration): 12 13 dependencies = [ 14 ("authentik_core", "0051_group_authentik_c_is_supe_1e5a97_idx"), 15 ("authentik_providers_saml", "0019_samlprovider_default_name_id_policy"), 16 migrations.swappable_dependency(settings.AUTH_USER_MODEL), 17 ] 18 19 operations = [ 20 migrations.AddField( 21 model_name="samlprovider", 22 name="logout_method", 23 field=models.TextField( 24 choices=[ 25 ("frontchannel_iframe", "Frontchannel Iframe"), 26 ("frontchannel_native", "Frontchannel Native"), 27 ("backchannel", "Backchannel"), 28 ], 29 default="frontchannel_iframe", 30 help_text="Method to use for logout. Front-channel iframe loads all logout URLs simultaneously in hidden iframes. Front-channel native uses your active browser tab to send post requests and redirect to providers. Back-channel sends logout requests directly from the server without user interaction (requires POST SLS binding).", 31 ), 32 ), 33 migrations.AddField( 34 model_name="samlprovider", 35 name="sign_logout_request", 36 field=models.BooleanField(default=False), 37 ), 38 migrations.AddField( 39 model_name="samlprovider", 40 name="sls_binding", 41 field=models.TextField( 42 choices=[("redirect", "Redirect"), ("post", "Post")], 43 default="redirect", 44 help_text="This determines how authentik sends the logout response back to the Service Provider.", 45 verbose_name="SLS Binding", 46 ), 47 ), 48 migrations.AddField( 49 model_name="samlprovider", 50 name="sls_url", 51 field=models.TextField( 52 blank=True, 53 help_text="Single Logout Service URL where the logout response should be sent.", 54 validators=[authentik.lib.models.DomainlessURLValidator(schemes=("http", "https"))], 55 verbose_name="SLS URL", 56 ), 57 ), 58 migrations.CreateModel( 59 name="SAMLSession", 60 fields=[ 61 ("expires", models.DateTimeField(default=None, null=True)), 62 ("expiring", models.BooleanField(default=True)), 63 ( 64 "saml_session_id", 65 models.UUIDField(default=uuid.uuid4, primary_key=True, serialize=False), 66 ), 67 ("session_index", models.TextField(help_text="SAML SessionIndex for this session")), 68 ("name_id", models.TextField(help_text="SAML NameID value for this session")), 69 ( 70 "name_id_format", 71 models.TextField(blank=True, default="", help_text="SAML NameID format"), 72 ), 73 ("created", models.DateTimeField(auto_now_add=True)), 74 ( 75 "provider", 76 models.ForeignKey( 77 on_delete=django.db.models.deletion.CASCADE, 78 to="authentik_providers_saml.samlprovider", 79 ), 80 ), 81 ( 82 "session", 83 models.ForeignKey( 84 help_text="Link to the user's authenticated session", 85 on_delete=django.db.models.deletion.CASCADE, 86 to="authentik_core.authenticatedsession", 87 ), 88 ), 89 ( 90 "user", 91 models.ForeignKey( 92 on_delete=django.db.models.deletion.CASCADE, 93 to=settings.AUTH_USER_MODEL, 94 verbose_name="User", 95 ), 96 ), 97 ], 98 options={ 99 "verbose_name": "SAML Session", 100 "verbose_name_plural": "SAML Sessions", 101 "indexes": [ 102 models.Index(fields=["session_index"], name="authentik_p_session_662109_idx"), 103 models.Index( 104 fields=["provider", "user"], name="authentik_p_provide_92c2e4_idx" 105 ), 106 models.Index(fields=["session"], name="authentik_p_session_5f125f_idx"), 107 ], 108 "unique_together": {("session_index", "provider")}, 109 }, 110 ), 111 ]
The base class for all migrations.
Migration files will import this from django.db.migrations.Migration and subclass it as a class called Migration. It will have one or more of the following attributes:
- operations: A list of Operation instances, probably from django.db.migrations.operations
- dependencies: A list of tuples of (app_path, migration_name)
- run_before: A list of tuples of (app_path, migration_name)
- replaces: A list of migration_names
Note that all migrations come out of migrations and into the Loader or Graph as instances, having been initialized with their app label and name.
dependencies =
[('authentik_core', '0051_group_authentik_c_is_supe_1e5a97_idx'), ('authentik_providers_saml', '0019_samlprovider_default_name_id_policy'), ('authentik_core', '__first__')]
operations =
[<AddField model_name='samlprovider', name='logout_method', field=<django.db.models.fields.TextField>>, <AddField model_name='samlprovider', name='sign_logout_request', field=<django.db.models.fields.BooleanField>>, <AddField model_name='samlprovider', name='sls_binding', field=<django.db.models.fields.TextField>>, <AddField model_name='samlprovider', name='sls_url', field=<django.db.models.fields.TextField>>, <CreateModel name='SAMLSession', fields=[('expires', <django.db.models.fields.DateTimeField>), ('expiring', <django.db.models.fields.BooleanField>), ('saml_session_id', <django.db.models.fields.UUIDField>), ('session_index', <django.db.models.fields.TextField>), ('name_id', <django.db.models.fields.TextField>), ('name_id_format', <django.db.models.fields.TextField>), ('created', <django.db.models.fields.DateTimeField>), ('provider', <django.db.models.fields.related.ForeignKey>), ('session', <django.db.models.fields.related.ForeignKey>), ('user', <django.db.models.fields.related.ForeignKey>)], options={'verbose_name': 'SAML Session', 'verbose_name_plural': 'SAML Sessions', 'indexes': [<Index: fields=['session_index'] name='authentik_p_session_662109_idx'>, <Index: fields=['provider', 'user'] name='authentik_p_provide_92c2e4_idx'>, <Index: fields=['session'] name='authentik_p_session_5f125f_idx'>], 'unique_together': {('session_index', 'provider')}}>]